HijackThis report
So, I have lots of problems with my computer. I'm posting the report; could you help me, please?
Logfile of HijackThis v1.99.1
Scan saved at 19:46:12, on 19/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\netconf32.exe
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\sfx.exe
C:\WINDOWS\System32\win32oleupdate.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\oleupdate.exe
C:\WINDOWS\System32\dres.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\snddrv.exe
C:\Documents and Settings\snake\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.free.fr/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: ATLDistrib Object - {83A5F7B7-DC75-44CE-9195-264F41709FA9} - C:\WINDOWS\System32\mlljg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DRam prosessor] dres.exe
O4 - HKLM\..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\sfx.exe
O4 - HKLM\..\Run: [Services] c:\sxe33.tmp
O4 - HKLM\..\Run: [Windowsz] rwnt.exe
O4 - HKLM\..\Run: [Win32 Update] C:\WINDOWS\System32\win32oleupdate.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinProfile] sndcfg16.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Win Update] C:\WINDOWS\System32\oleupdate.exe
O4 - HKLM\..\RunServices: [DRam prosessor] dres.exe
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: mlljg - C:\WINDOWS\System32\mlljg.dll
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: netconf32 - Unknown owner - C:\WINDOWS\netconf32.exe
Look at my post above, which has been edited.
Download VundoFix to your Desktop.
www.atribune.org/ccount/click.php?id=4
. Double-click VundoFix.exe.
. Tick the "Run VundoFix as a task" box.
Wait for VundoFix to restart.
. Click the Scan for Vundo button.
. Then click the Remove Vundo button.
. Then click Yes to confirm.
. After you click "Yes", the Desktop will disappear for a moment while the files are removed.
. You will see a prompt announcing that your PC is going to shut down ("shutdown"); click OK.
. Start your PC again.
. Paste the report located at C:\vundofix.txt here.
Here, I'm posting the VundoFix report
and thanks again for helping me
VundoFix V4.2.26
Scan started at 20:45:57 19/02/2006
Listing files found while scanning....
C:\WINDOWS\System32\mlljg.dll
C:\WINDOWS\System32\gjllm.ini
C:\WINDOWS\System32\gjllm.bak1
C:\WINDOWS\System32\gjllm.bak2
C:\WINDOWS\System32\gjllm.ini2
C:\WINDOWS\System32\gjllm.tmp
C:\WINDOWS\system32\gjllm.bak1
C:\WINDOWS\system32\gjllm.bak2
C:\WINDOWS\system32\gjllm.tmp
C:\WINDOWS\system32\gjllm.ini
C:\WINDOWS\system32\gjllm.ini2
C:\WINDOWS\system32\mlljg.dll
C:\WINDOWS\system32\gjllm.ini2
C:\WINDOWS\system32\gjllm.bak2
C:\WINDOWS\system32\gjllm.tmp
C:\WINDOWS\system32\gjllm.ini
C:\WINDOWS\system32\gjllm.ini2
C:\WINDOWS\system32\mlljg.dll
Attempting to delete C:\WINDOWS\System32\mlljg.dll
C:\WINDOWS\System32\mlljg.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\gjllm.ini
C:\WINDOWS\System32\gjllm.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\gjllm.bak1
C:\WINDOWS\System32\gjllm.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gjllm.bak2
C:\WINDOWS\System32\gjllm.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gjllm.ini2
C:\WINDOWS\System32\gjllm.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gjllm.tmp
C:\WINDOWS\System32\gjllm.tmp Has been deleted!
Performing Repairs to the registry.
Done!
Here is the report
Logfile of HijackThis v1.99.1
Scan saved at 21:11:35, on 19/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\netconf32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\system32\snddrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\sfx.exe
C:\WINDOWS\System32\win32oleupdate.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\dres.exe
C:\WINDOWS\System32\oleupdate.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\snake\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.free.fr/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DRam prosessor] dres.exe
O4 - HKLM\..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\sfx.exe
O4 - HKLM\..\Run: [Services] c:\sxe33.tmp
O4 - HKLM\..\Run: [Windowsz] rwnt.exe
O4 - HKLM\..\Run: [Win32 Update] C:\WINDOWS\System32\win32oleupdate.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinProfile] sndcfg16.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Win Update] C:\WINDOWS\System32\oleupdate.exe
O4 - HKLM\..\RunServices: [DRam prosessor] dres.exe
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: netconf32 - Unknown owner - C:\WINDOWS\netconf32.exe
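One way to check what the VundoFix run changed between the two HijackThis logs above, as an added example that is not part of the original thread: diff the R/F/O entries of both logs and look for entries that still reference a file VundoFix reported as deleted. The function names are hypothetical; the sample lines are excerpts copied from the logs posted in this thread.

```python
import re

# A HijackThis entry line: section code, " - ", then the entry text.
ENTRY = re.compile(r"^(R\d|F\d|O\d{1,2}) - (.+)$")
# A VundoFix confirmation line: "<path> Has been deleted!"
DELETED = re.compile(r"^(.+?) Has been deleted!$")

# Excerpt of the 19:46:12 log (before VundoFix), copied from the thread.
BEFORE = r"""
O2 - BHO: ATLDistrib Object - {83A5F7B7-DC75-44CE-9195-264F41709FA9} - C:\WINDOWS\System32\mlljg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O4 - HKLM\..\Run: [Services] c:\sxe33.tmp
O4 - HKLM\..\Run: [Win32 Update] C:\WINDOWS\System32\win32oleupdate.exe
O20 - Winlogon Notify: mlljg - C:\WINDOWS\System32\mlljg.dll
O23 - Service: netconf32 - Unknown owner - C:\WINDOWS\netconf32.exe
"""

# Excerpt of the 21:11:35 log (after VundoFix), copied from the thread.
AFTER = r"""
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O4 - HKLM\..\Run: [Services] c:\sxe33.tmp
O4 - HKLM\..\Run: [Win32 Update] C:\WINDOWS\System32\win32oleupdate.exe
O23 - Service: netconf32 - Unknown owner - C:\WINDOWS\netconf32.exe
"""

# Excerpt of the VundoFix report, copied from the thread.
VUNDOFIX = r"""
Attempting to delete C:\WINDOWS\System32\mlljg.dll
C:\WINDOWS\System32\mlljg.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\gjllm.ini
C:\WINDOWS\System32\gjllm.ini Has been deleted!
"""


def parse_entries(log):
    """Return the set of (section, text) pairs for every R/F/O line."""
    entries = set()
    for line in log.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.add((match.group(1), match.group(2)))
    return entries


def deleted_files(fix_log):
    """Return the lowercased paths VundoFix confirmed as deleted."""
    paths = set()
    for line in fix_log.splitlines():
        match = DELETED.match(line.strip())
        if match:
            # Windows paths are case-insensitive, so compare in lowercase.
            paths.add(match.group(1).lower())
    return paths


def verify_cleanup(before, after, fix_log):
    """Diff two HijackThis logs and flag entries pointing at deleted files."""
    old, new = parse_entries(before), parse_entries(after)
    gone = deleted_files(fix_log)
    return {
        # Entries that disappeared between the two scans.
        "removed": sorted(old - new),
        # Entries that appeared only in the later scan.
        "added": sorted(new - old),
        # Entries in the later scan that still load a file reported deleted.
        "leftovers": sorted(
            e for e in new if any(path in e[1].lower() for path in gone)
        ),
    }


if __name__ == "__main__":
    result = verify_cleanup(BEFORE, AFTER, VUNDOFIX)
    for key in ("removed", "added", "leftovers"):
        print(key)
        for section, text in result[key]:
            print("  %s - %s" % (section, text))
```

The entries that survive the diff (the `O4` Run keys and the `O23` service) are the ones the next reply asks to fix by hand.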
1/ Restart in safe mode
2/ Run HijackThis -> Do a system scan only
-> Tick these lines, then Fix checked
O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\sfx.exe
O4 - HKLM\..\Run: [Services] c:\sxe33.tmp
O4 - HKLM\..\Run: [Windowsz] rwnt.exe
O4 - HKLM\..\Run: [Win32 Update] C:\WINDOWS\System32\win32oleupdate.exe
O4 - HKLM\..\Run: [WinProfile] sndcfg16.exe
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O23 - Service: netconf32 - Unknown owner - C:\WINDOWS\netconf32.exe
Make sure you can see hidden folders/files
-> Control Panel
-> Folder Options
-> Tick Show hidden folders
Untick Hide extensions...
Untick Hide protected files...
3/ Delete these files/folders if they exist
C:\sfx.exe
C:\sxe33.tmp
C:\WINDOWS\System32\win32oleupdate.exe
C:\WINDOWS\netconf32.exe
4/ Run a CCleaner cleanup
5/ Run an Ewido, Ad-Aware and Spybot scan (updated)
Paste the Ewido report
6/ Run a Panda online scan
Paste the report
7/ Post a new HijackThis log
Do you still have problems?
Here is the Ewido report to start with; I'm going to do the rest now. But what is the Panda report??
and thanks again for being willing to help me
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 17:41:31, 20/02/2006
+ Somme de contrôle: 66921AB8
+ Résultats du scan:
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\1WRCN6KX\new[1].exe -> Backdoor.Aimbot.cc : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\1WRCN6KX\saved[1].exe -> Backdoor.SdBot.akc : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\56AIGZN6\as2[1].exe -> Backdoor.SdBot.akt : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\56AIGZN6\iexplorer-update[1].exe -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\56AIGZN6\update181[1].exe -> Proxy.Agent.hd : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\56AIGZN6\win32update[1].exe -> Proxy.Agent.hd : Nettoyer et sauvegarder
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\PKL51O68\SC[1].exe -> Proxy.Agent.is : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@wreport.weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\snake\Cookies\snake@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\iexplorer.exe -> Proxy.Agent.hd : Nettoyer et sauvegarder
C:\sxe10.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe11.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe113.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe12.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe13.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe14.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe15.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe16.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe17.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe18.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe19.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe1A.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe1B.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe1C.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe1D.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe1E.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe1F.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe20.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe21.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe22.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe23.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe24.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe25.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe26.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe27.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe28.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe29.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe2A.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe2B.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe2C.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe2D.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe2E.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe2F.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe30.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe31.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe32.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe7.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe8.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxe9.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxeB.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxeC.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxeD.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxeE.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\sxeF.tmp -> Proxy.Ranky.cq : Nettoyer et sauvegarder
C:\WINDOWS\Downloaded Program Files\UERSV_0001_LPNetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.d : Nettoyer et sauvegarder
C:\WINDOWS\system32\netdrvr.exe -> Backdoor.SdBot.akt : Nettoyer et sauvegarder
C:\WINDOWS\system32\syscntrl.exe -> Backdoor.SdBot.akc : Nettoyer et sauvegarder
C:\WINDOWS\system32\wincon.exe -> Backdoor.Aimbot.cc : Nettoyer et sauvegarder
C:\WINDOWS\system32\__delete_on_reboot__oleupdate.exe -> Proxy.Agent.hd : Nettoyer et sauvegarder
::Fin du rapport
1/ Ewido has already done a good job ;-)
2/ -> Run an online scan (with Internet Explorer):
(if you have Avast!, disable it to avoid conflicts)
Panda
Paste the report at the end of the scan
Here is the Panda report
Incident Status Location
Adware:adware/wupd Not disinfected C:\WINDOWS\install.inf
Potentially unwanted tool:application/errorsafe Not disinfected C:\PROGRAM FILES\FICHIERS COMMUNS\ErrorSafe
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\snake\Cookies\snake@doubleclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\snake\Cookies\snake@mediaplex[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\snake\Cookies\snake@xiti[1].txt
Virus:Trj/Pintxatore.M Disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\1WRCN6KX\shit[1].exe
Virus:Trj/Pintxatore.M Disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\1WRCN6KX\shit[2].exe
Virus:Trj/Pintxatore.M Disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\1WRCN6KX\shit[4].exe
Virus:Trj/Pintxatore.M Disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\56AIGZN6\shit[1].exe
Virus:Trj/Pintxatore.M Disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\56AIGZN6\shit[2].exe
Virus:Trj/Pintxatore.M Disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OUE3XEX3\shit[1].exe
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\PKL51O68\is756[1].exe
Virus:Trj/Agent.BBP Disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\PKL51O68\ServerFuck[1].exe
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\snake\Cookies\snake@doubleclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\snake\Cookies\snake@mediaplex[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\snake\Cookies\snake@xiti[1].txt
Potentially unwanted tool:Application/ErrorSafe Not disinfected C:\Program Files\Fichiers communs\ErrorSafe\PCheck.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\ddayx.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\gebyx.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\geebx.dll
Virus:W32/Sdbot.ftp Disinfected C:\WINDOWS\system32\i
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\jkhff.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\jkkjk.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\mljgg.dll
Virus:W32/Gaobot.MIF.worm Disinfected C:\WINDOWS\system32\snddrv.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\ssqrp.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\vtsts.dll
Delete these files
C:\WINDOWS\install.inf
C:\PROGRAM FILES\FICHIERS COMMUNS\ErrorSafe
C:\WINDOWS\system32\ddayx.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\gebyx.dll
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\geebx.dll
Virus:W32/Sdbot.ftp Disinfected C:\WINDOWS\system32\i
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\jkhff.dll
C:\WINDOWS\system32\jkkjk.dll
C:\WINDOWS\system32\mljgg.dll
C:\WINDOWS\system32\snddrv.exe
C:\WINDOWS\system32\ssqrp.dll
C:\WINDOWS\system32\vtsts.dll
Run CCleaner
Post a new HJT log. How is your PC doing?
Here is the HJT report. By the way, I wanted to ask you whether it's normal that there are files written in blue when I go into system32??
Logfile of HijackThis v1.99.1
Scan saved at 20:50:40, on 20/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Documents and Settings\snake\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.free.fr/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDTray] C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat9.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
As for System32, I'm not really sure :-?
Fix these lines:
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [Windowsz] rwnt.exe
O4 - HKLM\..\RunServices: [WinProfile] sndcfg16.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
Do you still have problems?