aide pour scan hijackthis
Dernière réponse : dans Sécurité
Voila mon scan
Des fenetres s'ouvre ssur internet
Pourriez vous m'aider?Merci
Logfile of HijackThis v1.99.1
Scan saved at 14:18:57, on 12/02/2007
Platform: Windows 2003 SP2, v.2825 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.1830)
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\WINDOWS\SysWOW64\rundll32.exe
c:\progra~2\intern~1\iexplore.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\pspvideo9\pspvideo9.exe
C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MSN Messenger\usnsvc.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\DOCUME~1\Steven\LOCALS~1\Temp\Rar$EX00.672\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\SysWOW64\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PSPVideo9] "C:\Program Files (x86)\pspvideo9\pspvideo9.exe" -t
O4 - HKLM\..\Run: [AsusServiceProvider] "C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\Ai Suite\AiNap\AiNap.exe -AISUITE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [loadheckmovesettings] C:\Documents and Settings\All Users\Application Data\dart htm load heck\Enc time.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [16inside] C:\DOCUME~1\Steven\APPLIC~1\UPLITE~1\UploadBlehCash.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
Des fenetres s'ouvre ssur internet
Pourriez vous m'aider?Merci
Logfile of HijackThis v1.99.1
Scan saved at 14:18:57, on 12/02/2007
Platform: Windows 2003 SP2, v.2825 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.1830)
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\WINDOWS\SysWOW64\rundll32.exe
c:\progra~2\intern~1\iexplore.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\pspvideo9\pspvideo9.exe
C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\MSN Messenger\usnsvc.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\DOCUME~1\Steven\LOCALS~1\Temp\Rar$EX00.672\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\SysWOW64\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PSPVideo9] "C:\Program Files (x86)\pspvideo9\pspvideo9.exe" -t
O4 - HKLM\..\Run: [AsusServiceProvider] "C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\Ai Suite\AiNap\AiNap.exe -AISUITE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [loadheckmovesettings] C:\Documents and Settings\All Users\Application Data\dart htm load heck\Enc time.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [16inside] C:\DOCUME~1\Steven\APPLIC~1\UPLITE~1\UploadBlehCash.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
Autres pages sur : aide scan hijackthis
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge LopResearch.zip
Dézippe-le sur ton Bureau.
Lance le fichier Scan.bat
Un rapport sera généré, poste son contenu ici.
Télécharge LopResearch.zip
Dézippe-le sur ton Bureau.
Lance le fichier Scan.bat
Un rapport sera généré, poste son contenu ici.
voila
Rapport fait à 14:23:12,31 le 12/02/2007
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Administrator\Application Data
01/01/2007 20:28 <REP> Mozilla
01/01/2007 20:27 <REP> Lavasoft
01/01/2007 19:29 <REP> Google
28/12/2006 18:26 <REP> Ahead
28/12/2006 11:55 <REP> Macromedia
28/12/2006 10:34 <REP> Identities
28/12/2006 10:34 62 desktop.ini
28/12/2006 10:34 <REP> Microsoft
28/12/2006 10:34 <REP> .
28/12/2006 10:34 <REP> ..
1 fichier(s) 62 octets
9 R‚p(s) 17287094272 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\All Users\Application Data
10/02/2007 14:08 <REP> nView_Profiles
10/02/2007 11:59 <REP> dart htm load heck
09/02/2007 20:11 2673 hpzinstall.log
02/02/2007 18:42 <REP> Yahoo! Companion
27/01/2007 17:15 <REP> Autodesk
27/01/2007 16:35 <REP> Adobe
19/01/2007 23:02 <REP> QuickTime
14/01/2007 18:32 <REP> QubeSoft
01/01/2007 20:26 <REP> Spybot - Search & Destroy
01/01/2007 19:28 <REP> Google
01/01/2007 19:24 <REP> NVIDIA
28/12/2006 18:29 <REP> DVD Shrink
28/12/2006 18:10 <REP> Ahead
28/12/2006 13:51 <REP> Kaspersky Lab
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
28/12/2006 11:10 <REP> ..
2 fichier(s) 2735 octets
16 R‚p(s) 17287081984 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Default User\Application Data
10/02/2007 18:28 <REP> Google
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> ..
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
1 fichier(s) 62 octets
4 R‚p(s) 17287081984 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Steven\Application Data
11/02/2007 11:16 <REP> InstallShield
10/02/2007 15:21 <REP> Ahead
10/02/2007 11:59 <REP> up lite base
09/02/2007 18:18 <REP> Help
02/02/2007 21:17 <REP> Sun
02/02/2007 19:01 <REP> Adobe
27/01/2007 17:15 <REP> Autodesk
27/01/2007 09:55 <REP> SecondLife
12/01/2007 23:11 <REP> Media Player Classic
02/01/2007 13:31 <REP> Macromedia
02/01/2007 13:30 <REP> Mozilla
02/01/2007 13:28 <REP> Lavasoft
02/01/2007 13:22 <REP> Google
02/01/2007 11:58 <REP> Identities
02/01/2007 11:58 62 desktop.ini
02/01/2007 11:58 <REP> Microsoft
02/01/2007 11:58 <REP> .
02/01/2007 11:58 <REP> ..
1 fichier(s) 62 octets
17 R‚p(s) 17287081984 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\WINDOWS\Tasks
10/02/2007 11:59 268 A888E42F91939AAB.job
12/01/2007 22:36 108 SesamTVMC.job
28/12/2006 10:34 6 SA.DAT
28/12/2006 10:34 32ÿ540 SchedLgU.Txt
28/12/2006 10:24 65 desktop.ini
28/12/2006 10:24 <REP> ..
28/12/2006 10:24 <REP> .
5 fichier(s) 32ÿ987 octets
2 R‚p(s) 17ÿ287ÿ077ÿ888 octets libres
******************************************
Recherche dans Program files
Rapport fait à 14:23:32,10 le 12/02/2007
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Administrator\Application Data
01/01/2007 20:28 <REP> Mozilla
01/01/2007 20:27 <REP> Lavasoft
01/01/2007 19:29 <REP> Google
28/12/2006 18:26 <REP> Ahead
28/12/2006 11:55 <REP> Macromedia
28/12/2006 10:34 <REP> Identities
28/12/2006 10:34 62 desktop.ini
28/12/2006 10:34 <REP> Microsoft
28/12/2006 10:34 <REP> .
28/12/2006 10:34 <REP> ..
1 fichier(s) 62 octets
9 R‚p(s) 17287090176 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\All Users\Application Data
10/02/2007 14:08 <REP> nView_Profiles
10/02/2007 11:59 <REP> dart htm load heck
09/02/2007 20:11 2673 hpzinstall.log
02/02/2007 18:42 <REP> Yahoo! Companion
27/01/2007 17:15 <REP> Autodesk
27/01/2007 16:35 <REP> Adobe
19/01/2007 23:02 <REP> QuickTime
14/01/2007 18:32 <REP> QubeSoft
01/01/2007 20:26 <REP> Spybot - Search & Destroy
01/01/2007 19:28 <REP> Google
01/01/2007 19:24 <REP> NVIDIA
28/12/2006 18:29 <REP> DVD Shrink
28/12/2006 18:10 <REP> Ahead
28/12/2006 13:51 <REP> Kaspersky Lab
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
28/12/2006 11:10 <REP> ..
2 fichier(s) 2735 octets
16 R‚p(s) 17287090176 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Default User\Application Data
10/02/2007 18:28 <REP> Google
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> ..
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
1 fichier(s) 62 octets
4 R‚p(s) 17287090176 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Steven\Application Data
11/02/2007 11:16 <REP> InstallShield
10/02/2007 15:21 <REP> Ahead
10/02/2007 11:59 <REP> up lite base
09/02/2007 18:18 <REP> Help
02/02/2007 21:17 <REP> Sun
02/02/2007 19:01 <REP> Adobe
27/01/2007 17:15 <REP> Autodesk
27/01/2007 09:55 <REP> SecondLife
12/01/2007 23:11 <REP> Media Player Classic
02/01/2007 13:31 <REP> Macromedia
02/01/2007 13:30 <REP> Mozilla
02/01/2007 13:28 <REP> Lavasoft
02/01/2007 13:22 <REP> Google
02/01/2007 11:58 <REP> Identities
02/01/2007 11:58 62 desktop.ini
02/01/2007 11:58 <REP> Microsoft
02/01/2007 11:58 <REP> .
02/01/2007 11:58 <REP> ..
1 fichier(s) 62 octets
17 R‚p(s) 17287090176 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\WINDOWS\Tasks
10/02/2007 11:59 268 A888E42F91939AAB.job
12/01/2007 22:36 108 SesamTVMC.job
28/12/2006 10:34 6 SA.DAT
28/12/2006 10:34 32ÿ540 SchedLgU.Txt
28/12/2006 10:24 65 desktop.ini
28/12/2006 10:24 <REP> ..
28/12/2006 10:24 <REP> .
5 fichier(s) 32ÿ987 octets
2 R‚p(s) 17ÿ287ÿ077ÿ888 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Rapport fait à 14:23:12,31 le 12/02/2007
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Administrator\Application Data
01/01/2007 20:28 <REP> Mozilla
01/01/2007 20:27 <REP> Lavasoft
01/01/2007 19:29 <REP> Google
28/12/2006 18:26 <REP> Ahead
28/12/2006 11:55 <REP> Macromedia
28/12/2006 10:34 <REP> Identities
28/12/2006 10:34 62 desktop.ini
28/12/2006 10:34 <REP> Microsoft
28/12/2006 10:34 <REP> .
28/12/2006 10:34 <REP> ..
1 fichier(s) 62 octets
9 R‚p(s) 17287094272 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\All Users\Application Data
10/02/2007 14:08 <REP> nView_Profiles
10/02/2007 11:59 <REP> dart htm load heck
09/02/2007 20:11 2673 hpzinstall.log
02/02/2007 18:42 <REP> Yahoo! Companion
27/01/2007 17:15 <REP> Autodesk
27/01/2007 16:35 <REP> Adobe
19/01/2007 23:02 <REP> QuickTime
14/01/2007 18:32 <REP> QubeSoft
01/01/2007 20:26 <REP> Spybot - Search & Destroy
01/01/2007 19:28 <REP> Google
01/01/2007 19:24 <REP> NVIDIA
28/12/2006 18:29 <REP> DVD Shrink
28/12/2006 18:10 <REP> Ahead
28/12/2006 13:51 <REP> Kaspersky Lab
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
28/12/2006 11:10 <REP> ..
2 fichier(s) 2735 octets
16 R‚p(s) 17287081984 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Default User\Application Data
10/02/2007 18:28 <REP> Google
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> ..
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
1 fichier(s) 62 octets
4 R‚p(s) 17287081984 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Steven\Application Data
11/02/2007 11:16 <REP> InstallShield
10/02/2007 15:21 <REP> Ahead
10/02/2007 11:59 <REP> up lite base
09/02/2007 18:18 <REP> Help
02/02/2007 21:17 <REP> Sun
02/02/2007 19:01 <REP> Adobe
27/01/2007 17:15 <REP> Autodesk
27/01/2007 09:55 <REP> SecondLife
12/01/2007 23:11 <REP> Media Player Classic
02/01/2007 13:31 <REP> Macromedia
02/01/2007 13:30 <REP> Mozilla
02/01/2007 13:28 <REP> Lavasoft
02/01/2007 13:22 <REP> Google
02/01/2007 11:58 <REP> Identities
02/01/2007 11:58 62 desktop.ini
02/01/2007 11:58 <REP> Microsoft
02/01/2007 11:58 <REP> .
02/01/2007 11:58 <REP> ..
1 fichier(s) 62 octets
17 R‚p(s) 17287081984 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\WINDOWS\Tasks
10/02/2007 11:59 268 A888E42F91939AAB.job
12/01/2007 22:36 108 SesamTVMC.job
28/12/2006 10:34 6 SA.DAT
28/12/2006 10:34 32ÿ540 SchedLgU.Txt
28/12/2006 10:24 65 desktop.ini
28/12/2006 10:24 <REP> ..
28/12/2006 10:24 <REP> .
5 fichier(s) 32ÿ987 octets
2 R‚p(s) 17ÿ287ÿ077ÿ888 octets libres
******************************************
Recherche dans Program files
Rapport fait à 14:23:32,10 le 12/02/2007
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Administrator\Application Data
01/01/2007 20:28 <REP> Mozilla
01/01/2007 20:27 <REP> Lavasoft
01/01/2007 19:29 <REP> Google
28/12/2006 18:26 <REP> Ahead
28/12/2006 11:55 <REP> Macromedia
28/12/2006 10:34 <REP> Identities
28/12/2006 10:34 62 desktop.ini
28/12/2006 10:34 <REP> Microsoft
28/12/2006 10:34 <REP> .
28/12/2006 10:34 <REP> ..
1 fichier(s) 62 octets
9 R‚p(s) 17287090176 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\All Users\Application Data
10/02/2007 14:08 <REP> nView_Profiles
10/02/2007 11:59 <REP> dart htm load heck
09/02/2007 20:11 2673 hpzinstall.log
02/02/2007 18:42 <REP> Yahoo! Companion
27/01/2007 17:15 <REP> Autodesk
27/01/2007 16:35 <REP> Adobe
19/01/2007 23:02 <REP> QuickTime
14/01/2007 18:32 <REP> QubeSoft
01/01/2007 20:26 <REP> Spybot - Search & Destroy
01/01/2007 19:28 <REP> Google
01/01/2007 19:24 <REP> NVIDIA
28/12/2006 18:29 <REP> DVD Shrink
28/12/2006 18:10 <REP> Ahead
28/12/2006 13:51 <REP> Kaspersky Lab
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
28/12/2006 11:10 <REP> ..
2 fichier(s) 2735 octets
16 R‚p(s) 17287090176 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Default User\Application Data
10/02/2007 18:28 <REP> Google
28/12/2006 11:10 62 desktop.ini
28/12/2006 11:10 <REP> ..
28/12/2006 11:10 <REP> Microsoft
28/12/2006 11:10 <REP> .
1 fichier(s) 62 octets
4 R‚p(s) 17287090176 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\Documents and Settings\Steven\Application Data
11/02/2007 11:16 <REP> InstallShield
10/02/2007 15:21 <REP> Ahead
10/02/2007 11:59 <REP> up lite base
09/02/2007 18:18 <REP> Help
02/02/2007 21:17 <REP> Sun
02/02/2007 19:01 <REP> Adobe
27/01/2007 17:15 <REP> Autodesk
27/01/2007 09:55 <REP> SecondLife
12/01/2007 23:11 <REP> Media Player Classic
02/01/2007 13:31 <REP> Macromedia
02/01/2007 13:30 <REP> Mozilla
02/01/2007 13:28 <REP> Lavasoft
02/01/2007 13:22 <REP> Google
02/01/2007 11:58 <REP> Identities
02/01/2007 11:58 62 desktop.ini
02/01/2007 11:58 <REP> Microsoft
02/01/2007 11:58 <REP> .
02/01/2007 11:58 <REP> ..
1 fichier(s) 62 octets
17 R‚p(s) 17287090176 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 1C17-42D9
R‚pertoire de C:\WINDOWS\Tasks
10/02/2007 11:59 268 A888E42F91939AAB.job
12/01/2007 22:36 108 SesamTVMC.job
28/12/2006 10:34 6 SA.DAT
28/12/2006 10:34 32ÿ540 SchedLgU.Txt
28/12/2006 10:24 65 desktop.ini
28/12/2006 10:24 <REP> ..
28/12/2006 10:24 <REP> .
5 fichier(s) 32ÿ987 octets
2 R‚p(s) 17ÿ287ÿ077ÿ888 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Re,
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
F2 - REG:system.ini: UserInit=userinit
O4 - HKLM\..\Run: [loadheckmovesettings] C:\Documents and Settings\All Users\Application Data\dart htm load heck\Enc time.exe
O4 - HKCU\..\Run: [16inside] C:\DOCUME~1\Steven\APPLIC~1\UPLITE~1\UploadBlehCash.exe
Clique sur Fix checked (en bas à gauche)
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Double-clique sur OTMoveIt.exe afin de le lancer.
Sélectionne TOUS les emplacements suivants :
C:\Documents and Settings\All Users\Application Data\dart htm load heck
C:\Documents and Settings\Steven\Application Data\up lite base
C:\WINDOWS\Tasks\A888E42F91939AAB.job
---> Clique-droit puis Copier
Retourne sur OTMoveIt, fais un Clique-droit sur le cadre de gauche puis choisis Coller.
Clique maintenant sur [#ff0000]MoveIt![/#f]
!! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.
Démarrer/Exécuter/cmd
Dans la nouvelle fenêtre, tape chkdsk /F /R c:
Accepte de redémarrer.
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
F2 - REG:system.ini: UserInit=userinit
O4 - HKLM\..\Run: [loadheckmovesettings] C:\Documents and Settings\All Users\Application Data\dart htm load heck\Enc time.exe
O4 - HKCU\..\Run: [16inside] C:\DOCUME~1\Steven\APPLIC~1\UPLITE~1\UploadBlehCash.exe
Clique sur Fix checked (en bas à gauche)
Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Double-clique sur OTMoveIt.exe afin de le lancer.
Sélectionne TOUS les emplacements suivants :
C:\Documents and Settings\All Users\Application Data\dart htm load heck
C:\Documents and Settings\Steven\Application Data\up lite base
C:\WINDOWS\Tasks\A888E42F91939AAB.job
---> Clique-droit puis Copier
Retourne sur OTMoveIt, fais un Clique-droit sur le cadre de gauche puis choisis Coller.
Clique maintenant sur [#ff0000]MoveIt![/#f]
!! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.
Démarrer/Exécuter/cmd
Dans la nouvelle fenêtre, tape chkdsk /F /R c:
Accepte de redémarrer.
le voila désolé pour le retard
Logfile of HijackThis v1.99.1
Scan saved at 21:06:20, on 13/02/2007
Platform: Windows 2003 SP2, v.2825 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.1830)
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\pspvideo9\pspvideo9.exe
C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\MSN Messenger\usnsvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Documents and Settings\Steven\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\SysWOW64\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PSPVideo9] "C:\Program Files (x86)\pspvideo9\pspvideo9.exe" -t
O4 - HKLM\..\Run: [AsusServiceProvider] "C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\Ai Suite\AiNap\AiNap.exe -AISUITE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 21:06:20, on 13/02/2007
Platform: Windows 2003 SP2, v.2825 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.1830)
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Program Files (x86)\pspvideo9\pspvideo9.exe
C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files (x86)\MSN Messenger\usnsvc.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Documents and Settings\Steven\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\SysWOW64\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PSPVideo9] "C:\Program Files (x86)\pspvideo9\pspvideo9.exe" -t
O4 - HKLM\..\Run: [AsusServiceProvider] "C:\Program Files (x86)\ASUS\AASP\1.00.00\aaCenter.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\Ai Suite\AiNap\AiNap.exe -AISUITE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumNetfxupdate, virus ou pas scan hijackthis
- ForumPc ralenti, scan hijackthis
- ForumAnalyse de scan hijackthis.
- ForumResultat scan hijackthis a etudier.
- ForumVirus heur.trojan.generic,scan hijackthis
- ForumProtection pc et scan hijackthis
- ForumInterpretation scan hijackthis
- ForumResultat du scan de hijackthis
- ForumScan hijackthis pc acer
- ForumScan hijackthis
- Voir plus
