Trojan p2p-downloader
Hello,
Malwarebytes' Anti-Malware finds this virus: trojan p2p-downloader.
It finds it in this directory: c:\temp\avast5\unp266221666.tmp.
I don't use any download software, and I can't identify this trojan using Google.
Can you tell me what this trojan is and what I am at risk of?
Is there a more effective free anti-trojan?
Thank you.
Hello
keuvain65, please stop flooding this section or you will be sanctioned.
+++++++++++++
nouwas
1. Post your Malwarebytes' Anti-Malware report.
Help: How to use MBAM.
2. Download DDS and save it to your desktop.
Disable anything that blocks scripts, such as an antivirus or software like ad-block, noscript, etc.
Double-click dds.scr to launch the tool.
Once the scan is finished, a text document, DDS.txt, will open.
Click Yes at the next prompt, Optional Scan.
Save both reports to your desktop and post only DDS.txt to me.
Good evening,
Attached is the DDS.txt report:
DDS (Ver_11-03-05.01) - NTFSx86
Run by GASDOUR at 19:31:22,28 on 23/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1072 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Kaspersky Anti-Virus *Enabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\GASDOUR\Mes documents\Téléchargements\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.fr/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.fr/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: H - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: {3049c3e9-b461-4bc5-8870-4c09146192ca} - RealPlayer Download and Record Plugin for Internet Explorer
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Ask Toolbar BHO: {d4027c7f-154a-4066-a1ad-4243d8127440} - Foxit Toolbar
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} -
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {147D6308-0614-4112-89B1-31402F9B82C4} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [EPSON SX110 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatifbe.exe /fu "c:\windows\temp\E_S221.tmp" /EF "HKCU"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [!AVG Anti-Spyware] "c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe" /minimized
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [Anti Trojan Elite] c:\program files\anti trojan elite\TJEnder.exe :NO
dRunOnce: [Config] %systemroot%\system32\run.cmd
dRunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
uPolicies-explorer: MemCheckBoxInRunDlg = 1 (0x1)
uPolicies-explorer: NoSMBalloonTip = 1 (0x1)
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
uPolicies-explorer: NoWelcomeScreen = 1 (0x1)
dPolicies-explorer: MemCheckBoxInRunDlg = 1 (0x1)
dPolicies-explorer: NoSMBalloonTip = 1 (0x1)
dPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
dPolicies-explorer: NoWelcomeScreen = 1 (0x1)
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: Tout télécharger avec Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_0_5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fichie~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
SEH: CShellExecuteHookImpl Object: {57b86673-276a-48b2-bae7-c6dbb3020eb8} - c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\gasdour\applic~1\mozilla\firefox\profiles\ievownb1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - qtl
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_fr&p=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 4444
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 4444
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 4444
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 4444
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 4444
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\gasdour\application data\mozilla\firefox\profiles\ievownb1.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\gasdour\application data\mozilla\firefox\profiles\ievownb1.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - component: c:\program files\free download manager\firefox\extension\components\vmsfdmff.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Dictionnaire français «Classique»: fr-FR@dictionaries.addons.mozilla.org - %profile%\extensions\fr-FR@dictionaries.addons.mozilla.org
FF - Ext: Dictionnaire français «Réforme 1990»: fr@dictionaries.addons.mozilla.org - %profile%\extensions\fr@dictionaries.addons.mozilla.org
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: myBabylon English Toolbar: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - %profile%\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\mozilla firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 99561572;99561572 Boot Guard Driver;c:\windows\system32\drivers\99561572.sys [2010-11-16 37392]
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
R1 99561571;99561571;c:\windows\system32\drivers\99561571.sys [2010-11-16 128016]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-22 294608]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver;c:\program files\grisoft\avg anti-spyware 7.5\guard.sys [2007-5-30 11000]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver;c:\windows\system32\drivers\AvgAsCln.sys [2011-3-8 10872]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-9-23 475736]
R1 setup_9.0.0.722_13.11.2010_20-13drv;setup_9.0.0.722_13.11.2010_20-13drv;c:\windows\system32\drivers\9956157.sys [2010-11-16 315408]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\fichiers communs\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-22 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-22 40384]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard;c:\program files\grisoft\avg anti-spyware 7.5\guard.exe [2007-5-30 312880]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-7-9 54760]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
R3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [2008-3-26 6369]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\superadblocker.com\super ad blocker\sabkutil.sys --> c:\program files\superadblocker.com\super ad blocker\SABKUTIL.sys [?]
S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\anti trojan elite\atepmon.sys --> c:\program files\anti trojan elite\ATEPMon.sys [?]
S2 AVP;Kaspersky Anti-Virus Service; [x]
S2 gupdate1c98e13c8f6bdca;Service Google Update (gupdate1c98e13c8f6bdca);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
S3 APL531;Hercules Dualpix HD Webcam;c:\windows\system32\drivers\hdvidv.sys --> c:\windows\system32\drivers\HDvidv.sys [?]
S3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys --> c:\windows\system32\drivers\camfilt2.sys [?]
S3 DOSMEMIO;MEMIO;\??\d:\memio.sys --> d:\MEMIO.SYS [?]
S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\drivers\epusbsto.sys [2001-9-10 17976]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-12-29 100480]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2011-1-24 310640]
S3 ovt530;Webcam Classic;c:\windows\system32\drivers\ov530vid.sys --> c:\windows\system32\drivers\ov530vid.sys [?]
.
=============== File Associations ===============
.
regfile=regedit.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-03-22 22:17:30 -------- d-----w- c:\program files\Anti Trojan Elite
2011-03-22 22:02:10 -------- d-----w- c:\docume~1\gasdour\locals~1\applic~1\PackageAware
2011-03-21 11:50:26 86528 ----a-w- c:\windows\system32\E_FLBFBE.DLL
2011-03-21 11:50:26 78848 ----a-w- c:\windows\system32\E_FD4BFBE.DLL
2011-03-21 11:46:27 155648 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iuser.dll
2011-03-21 11:46:26 57344 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\ctor.dll
2011-03-21 11:46:26 5632 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-03-21 11:46:26 237568 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iscript.dll
2011-03-21 11:46:25 696320 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-03-21 11:46:24 163972 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-03-21 11:46:22 282756 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\setup.dll
2011-03-21 11:44:44 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2011-03-21 11:42:24 80024 ----a-w- c:\windows\system32\PICSDK.dll
2011-03-21 11:42:24 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
2011-03-21 11:42:24 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2011-03-21 11:42:24 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
2011-03-21 11:42:24 108704 ----a-w- c:\windows\system32\PICEntry.dll
2011-03-17 13:57:20 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-03-17 13:57:17 93696 ----a-w- c:\windows\system32\E_FLBGCE.DLL
2011-03-17 13:57:17 63488 ----a-w- c:\windows\system32\E_FD4BGCE.DLL
2011-03-17 13:51:15 -------- d-----w- c:\program files\Epson Software
2011-03-17 13:49:46 -------- d-----w- c:\docume~1\gasdour\locals~1\applic~1\ABBYY
2011-03-17 13:44:48 -------- d-----w- c:\program files\fichiers communs\ABBYY
2011-03-17 13:44:48 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint
2011-03-17 13:44:48 -------- d-----w- c:\docume~1\alluse~1\applic~1\ABBYY
2011-03-17 13:43:25 457611 ----a-w- c:\windows\system32\ensppui.dll
2011-03-17 13:43:25 251392 ----a-w- c:\windows\system32\enspres.dll
2011-03-17 13:43:24 474892 ----a-w- c:\windows\system32\ensppmon.dll
2011-03-17 13:43:24 474892 ----a-w- c:\windows\system32\enppmon.dll
2011-03-17 13:43:24 457611 ----a-w- c:\windows\system32\enppui.dll
2011-03-17 13:43:24 251392 ----a-w- c:\windows\system32\enpres.dll
2011-03-17 13:42:55 -------- d-----w- c:\program files\fichiers communs\EPSON
2011-03-17 13:41:44 -------- d-----w- c:\program files\EpsonNet
2011-03-17 13:38:44 -------- d-----w- c:\docume~1\alluse~1\applic~1\EPSON
2011-03-17 13:38:15 15872 ----a-w- c:\windows\system32\escdev.dll
2011-03-17 13:38:15 128392 ----a-w- c:\windows\system32\esdevapp.exe
2011-03-17 13:38:14 342016 ----a-w- c:\windows\system32\eswiaud.dll
2011-03-14 07:39:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-03-09 16:11:27 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-03-09 16:11:27 790528 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-09 16:11:27 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-09 16:11:27 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-03-09 16:11:27 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-09 16:11:26 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2011-03-09 16:11:23 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-03-08 20:51:00 -------- d-----w- c:\docume~1\gasdour\applic~1\Grisoft
2011-03-08 20:51:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\Grisoft
2011-03-08 20:50:43 10872 ----a-w- c:\windows\system32\drivers\AvgAsCln.sys
2011-03-07 11:49:56 1581056 ----a-w- c:\windows\system32\mplvw7.dll
2011-03-07 11:49:48 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2011-02-24 10:52:53 -------- d-----w- c:\docume~1\alluse~1\applic~1\iFgCePl06504
2011-02-24 10:51:25 -------- d-----w- c:\docume~1\gasdour\applic~1\Foxit Software
.
==================== Find3M ====================
.
2011-02-13 15:55:19 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-02-09 13:54:09 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:54:09 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:59:09 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-26 11:40:36 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-01-26 11:40:36 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-01-26 11:40:30 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-01-21 14:44:12 441344 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
2011-01-08 03:27:00 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-01-08 03:27:00 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-01-08 03:27:00 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-08 03:27:00 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27:00 4980736 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27:00 2916968 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27:00 2292678 ----a-w- c:\windows\system32\nvdata.bin
2011-01-08 03:27:00 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27:00 1958400 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27:00 14671872 ----a-w- c:\windows\system32\nvoglnt.dll
2011-01-08 03:27:00 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04:24 1855104 ----a-w- c:\windows\system32\win32k.sys
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
.
============= FINISH: 19:33:30,89 ===============
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\mozilla firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 99561572;99561572 Boot Guard Driver;c:\windows\system32\drivers\99561572.sys [2010-11-16 37392]
R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
R1 99561571;99561571;c:\windows\system32\drivers\99561571.sys [2010-11-16 128016]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-22 294608]
R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver;c:\program files\grisoft\avg anti-spyware 7.5\guard.sys [2007-5-30 11000]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver;c:\windows\system32\drivers\AvgAsCln.sys [2011-3-8 10872]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-9-23 475736]
R1 setup_9.0.0.722_13.11.2010_20-13drv;setup_9.0.0.722_13.11.2010_20-13drv;c:\windows\system32\drivers\9956157.sys [2010-11-16 315408]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\fichiers communs\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-22 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-22 40384]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard;c:\program files\grisoft\avg anti-spyware 7.5\guard.exe [2007-5-30 312880]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-7-9 54760]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
R3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [2008-3-26 6369]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\superadblocker.com\super ad blocker\sabkutil.sys --> c:\program files\superadblocker.com\super ad blocker\SABKUTIL.sys [?]
S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\anti trojan elite\atepmon.sys --> c:\program files\anti trojan elite\ATEPMon.sys [?]
S2 AVP;Kaspersky Anti-Virus Service; [x]
S2 gupdate1c98e13c8f6bdca;Service Google Update (gupdate1c98e13c8f6bdca);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
S3 APL531;Hercules Dualpix HD Webcam;c:\windows\system32\drivers\hdvidv.sys --> c:\windows\system32\drivers\HDvidv.sys [?]
S3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys --> c:\windows\system32\drivers\camfilt2.sys [?]
S3 DOSMEMIO;MEMIO;\??\d:\memio.sys --> d:\MEMIO.SYS [?]
S3 EPUSBSTOR;EPSON USB Storage Driver;c:\windows\system32\drivers\epusbsto.sys [2001-9-10 17976]
S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-12-29 100480]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2011-1-24 310640]
S3 ovt530;Webcam Classic;c:\windows\system32\drivers\ov530vid.sys --> c:\windows\system32\drivers\ov530vid.sys [?]
.
=============== File Associations ===============
.
regfile=regedit.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-03-22 22:17:30 -------- d-----w- c:\program files\Anti Trojan Elite
2011-03-22 22:02:10 -------- d-----w- c:\docume~1\gasdour\locals~1\applic~1\PackageAware
2011-03-21 11:50:26 86528 ----a-w- c:\windows\system32\E_FLBFBE.DLL
2011-03-21 11:50:26 78848 ----a-w- c:\windows\system32\E_FD4BFBE.DLL
2011-03-21 11:46:27 155648 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iuser.dll
2011-03-21 11:46:26 57344 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\ctor.dll
2011-03-21 11:46:26 5632 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2011-03-21 11:46:26 237568 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iscript.dll
2011-03-21 11:46:25 696320 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iKernel.dll
2011-03-21 11:46:24 163972 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\iGdi.dll
2011-03-21 11:46:22 282756 ----a-w- c:\program files\fichiers communs\installshield\professional\runtime\0701\intel32\setup.dll
2011-03-21 11:44:44 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2011-03-21 11:42:24 80024 ----a-w- c:\windows\system32\PICSDK.dll
2011-03-21 11:42:24 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
2011-03-21 11:42:24 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2011-03-21 11:42:24 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
2011-03-21 11:42:24 108704 ----a-w- c:\windows\system32\PICEntry.dll
2011-03-17 13:57:20 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-03-17 13:57:17 93696 ----a-w- c:\windows\system32\E_FLBGCE.DLL
2011-03-17 13:57:17 63488 ----a-w- c:\windows\system32\E_FD4BGCE.DLL
2011-03-17 13:51:15 -------- d-----w- c:\program files\Epson Software
2011-03-17 13:49:46 -------- d-----w- c:\docume~1\gasdour\locals~1\applic~1\ABBYY
2011-03-17 13:44:48 -------- d-----w- c:\program files\fichiers communs\ABBYY
2011-03-17 13:44:48 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint
2011-03-17 13:44:48 -------- d-----w- c:\docume~1\alluse~1\applic~1\ABBYY
2011-03-17 13:43:25 457611 ----a-w- c:\windows\system32\ensppui.dll
2011-03-17 13:43:25 251392 ----a-w- c:\windows\system32\enspres.dll
2011-03-17 13:43:24 474892 ----a-w- c:\windows\system32\ensppmon.dll
2011-03-17 13:43:24 474892 ----a-w- c:\windows\system32\enppmon.dll
2011-03-17 13:43:24 457611 ----a-w- c:\windows\system32\enppui.dll
2011-03-17 13:43:24 251392 ----a-w- c:\windows\system32\enpres.dll
2011-03-17 13:42:55 -------- d-----w- c:\program files\fichiers communs\EPSON
2011-03-17 13:41:44 -------- d-----w- c:\program files\EpsonNet
2011-03-17 13:38:44 -------- d-----w- c:\docume~1\alluse~1\applic~1\EPSON
2011-03-17 13:38:15 15872 ----a-w- c:\windows\system32\escdev.dll
2011-03-17 13:38:15 128392 ----a-w- c:\windows\system32\esdevapp.exe
2011-03-17 13:38:14 342016 ----a-w- c:\windows\system32\eswiaud.dll
2011-03-14 07:39:24 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-03-09 16:11:27 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-03-09 16:11:27 790528 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-09 16:11:27 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-09 16:11:27 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-03-09 16:11:27 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-09 16:11:26 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2011-03-09 16:11:23 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-03-08 20:51:00 -------- d-----w- c:\docume~1\gasdour\applic~1\Grisoft
2011-03-08 20:51:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\Grisoft
2011-03-08 20:50:43 10872 ----a-w- c:\windows\system32\drivers\AvgAsCln.sys
2011-03-07 11:49:56 1581056 ----a-w- c:\windows\system32\mplvw7.dll
2011-03-07 11:49:48 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2011-02-24 10:52:53 -------- d-----w- c:\docume~1\alluse~1\applic~1\iFgCePl06504
2011-02-24 10:51:25 -------- d-----w- c:\docume~1\gasdour\applic~1\Foxit Software
.
==================== Find3M ====================
.
2011-02-13 15:55:19 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-02-09 13:54:09 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:54:09 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:59:09 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-26 11:40:36 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-01-26 11:40:36 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-01-26 11:40:30 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-01-21 14:44:12 441344 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
2011-01-08 03:27:00 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-01-08 03:27:00 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-01-08 03:27:00 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-08 03:27:00 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27:00 4980736 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27:00 2916968 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27:00 2292678 ----a-w- c:\windows\system32\nvdata.bin
2011-01-08 03:27:00 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27:00 1958400 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27:00 14671872 ----a-w- c:\windows\system32\nvoglnt.dll
2011-01-08 03:27:00 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04:24 1855104 ----a-w- c:\windows\system32\win32k.sys
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
.
============= FINISH: 19:33:30,89 ===============
Re,
Where is Malwarebytes' Anti-Malware?
You say:
It finds it in this directory: c:\temp\avast5\unp266221666.tmp.
but I don't see it...
What I see:
AVG Anti-Spyware 7.5, which you can uninstall because it is more than obsolete...
Anti Trojan Elite, same thing, it is useless...
++++++++++++++
Download
Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your Desktop to launch it.
(On Vista/Seven, you have to right-click AD-R and choose Run as administrator)
Choose language F for French.
In the main menu, choose the Scanner option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
Good evening,
Attached is the Malwarebytes' Anti-Malware report:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6130
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
22/03/2011 15:12:01
mbam-log-2011-03-22 (15-12-01).txt
Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 241105
Temps écoulé: 1 heure(s), 10 minute(s), 59 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\windows\temp\_avast5_\unp266221666.tmp (Trojan.P2P.Downloader) -> Quarantined and deleted successfully.