Horst IJ et Spambot-B
Dernière réponse : dans Sécurité
Bonjour,
Aucun topic ne m'aide à trouver une solution,
Avast détecte plusieurs fois par jour Horst IJ et Spambot-B sans pouvoir les supprimer. Ils reviennent sans cesse
N'étant pas douée dans ce domaine, j'ai besoin de votre aide !
Merci d'avance
Aucun topic ne m'aide à trouver une solution,
Avast détecte plusieurs fois par jour Horst IJ et Spambot-B sans pouvoir les supprimer. Ils reviennent sans cesse
N'étant pas douée dans ce domaine, j'ai besoin de votre aide !
Merci d'avance
Autres pages sur : horst spambot
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.
Lance l'application (Hijackthis.exe) :
- Choisis l'option "Do a system scan and save a logfile"
- Le Bloc-Notes s'ouvre, poste son contenu :
Edition / Sélectionner tout
Edition / Copier
Clique-Droit / Coller dans ta réponse
AIDE : Tuto en vidéo sur Hijackthis
Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.
Lance l'application (Hijackthis.exe) :
- Choisis l'option "Do a system scan and save a logfile"
- Le Bloc-Notes s'ouvre, poste son contenu :
AIDE : Tuto en vidéo sur Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 19:46:19, on 23/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Camille\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com.tw/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus D88 Series sur COLLIN-JP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P42 "Auto EPSON Stylus D88 Series sur COLLIN-JP" /O22 "\\COLLIN-JP\Imprimante" /M "Stylus D88"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
Merci de votre aide !
Scan saved at 19:46:19, on 23/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Camille\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com.tw/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus D88 Series sur COLLIN-JP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P42 "Auto EPSON Stylus D88 Series sur COLLIN-JP" /O22 "\\COLLIN-JP\Imprimante" /M "Stylus D88"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
Merci de votre aide !
Re,
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.
Redémarre en mode sans échec
Ouvre le dossier SDFix qui vient d'être créé à la racine de ton dique dur (C:) et double clique sur RunThis.bat pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis.
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Double clique sur SDFix.exe et choisis Install pour l'extraire sur le Bureau.
Redémarre en mode sans échec
Voici pour SDFIX :
SDFix: Version 1.88
Run by Administrateur on 23/06/2007 at 20:22
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\WINDOWS\system\smss.exe - Deleted
Removing Temp Files...
ADS Check:
Checking C:\WINDOWS
C:\WINDOWS
No streams found.
Checking C:\WINDOWS\system32
C:\WINDOWS\system32
No streams found.
Checking C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.
Checking C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\90exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\90exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\18exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\18exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\28exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\28exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\23exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\23exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\96exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\96exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\48exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\48exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\0exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\0exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\22exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\22exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\82exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\82exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\76exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\76exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\89exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\89exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\98exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\98exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\93exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\93exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\15exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\15exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\1exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\1exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\60exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\60exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\65exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\65exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\40exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\40exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\88exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\88exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\47exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\47exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\61exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\61exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\59exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\59exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\37exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\37exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\SDFix\backups\backups.zip
Listing Files with Hidden Attributes:
C:\Documents and Settings\Camille\SendTo\WLM - camkikinou@msn.com\Desktop.ini
C:\Documents and Settings\Camille\SendTo\WLM - camkikinou@msn.com\lolo527@hotmail.fr.lnk
C:\Documents and Settings\Camille\SendTo\WLM - camkikinou@msn.com\sandrinejurion@hotmail.com.lnk
C:\Program Files\Outlook Express\msimn.exe
C:\wvnfao30.sys
C:\WINDOWS\system32\KGyGaAvL.sys
C:\WINDOWS\system32\E1F801B44F.sys
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Documents and Settings\Camille\Mes documents\Mes images\Mes Photos\2006\8. Stage chez les 6. Pompiers Juillet-Aout 2006\SIV6.tmp
C:\Documents and Settings\Camille\Mes documents\Mes images\Mes Photos\2006\23. Prague R‚veillon 2006\Ville\SIV3.tmp
C:\Documents and Settings\Camille\Mes documents\Mes images\Mes Photos\2006\23. Prague R‚veillon 2006\Ville\SIV4.tmp
Listing User Accounts:
Administrateur Camille HelpAssistant
Invit‚ SUPPORT_388945a0
La commande s'est termin‚e correctement.
Finished
==============================================
Pour Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 20:29:59, on 23/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Camille\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com.tw/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus D88 Series sur COLLIN-JP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P42 "Auto EPSON Stylus D88 Series sur COLLIN-JP" /O22 "\\COLLIN-JP\Imprimante" /M "Stylus D88"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
SDFix: Version 1.88
Run by Administrateur on 23/06/2007 at 20:22
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\WINDOWS\system\smss.exe - Deleted
Removing Temp Files...
ADS Check:
Checking C:\WINDOWS
C:\WINDOWS
No streams found.
Checking C:\WINDOWS\system32
C:\WINDOWS\system32
No streams found.
Checking C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.
Checking C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\90exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\90exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\18exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\18exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\31exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\31exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\28exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\28exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\38exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\38exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\23exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\23exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\96exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\96exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\99exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\99exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\39exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\39exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\64exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\64exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\11exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\11exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\17exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\17exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\57exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\57exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\94exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\94exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\75exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\75exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\7exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\7exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\85exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\85exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\48exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\48exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\52exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\52exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\54exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\54exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\91exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\91exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\36exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\36exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\80exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\80exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\0exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\0exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\95exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\95exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\58exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\58exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\9exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\9exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\22exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\22exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\92exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\92exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\82exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\82exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\14exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\14exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\45exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\45exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\4exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\4exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\73exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\73exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\74exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\74exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\63exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\63exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\44exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\44exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\49exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\49exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\76exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\76exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\89exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\89exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\98exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\98exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\83exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\83exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\71exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\71exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\46exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\46exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\93exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\93exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\35exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\35exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\87exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\87exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\15exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\15exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\26exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\26exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\24exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\24exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\43exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\43exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\53exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\53exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\1exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\1exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\60exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\60exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\12exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\12exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\65exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\65exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\81exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\81exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\20exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\20exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\40exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\40exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\34exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\34exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\16exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\16exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\67exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\67exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\77exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\77exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\6exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\6exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\8exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\8exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\19exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\19exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\10exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\10exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\29exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\29exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\32exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\32exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\88exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\88exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\33exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\33exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\72exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\72exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\97exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\97exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\47exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\47exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\30exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\30exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\21exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\21exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\2exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\2exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\68exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\68exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\69exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\69exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\62exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\62exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\61exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\61exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\5exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\5exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\56exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\56exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\51exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\51exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\59exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\59exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\25exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\25exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\37exinjs.a9.exe"="C:\\DOCUME~1\\Camille\\LOCALS~1\\Temp\\37exinjs.a9.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\SDFix\backups\backups.zip
Listing Files with Hidden Attributes:
C:\Documents and Settings\Camille\SendTo\WLM - camkikinou@msn.com\Desktop.ini
C:\Documents and Settings\Camille\SendTo\WLM - camkikinou@msn.com\lolo527@hotmail.fr.lnk
C:\Documents and Settings\Camille\SendTo\WLM - camkikinou@msn.com\sandrinejurion@hotmail.com.lnk
C:\Program Files\Outlook Express\msimn.exe
C:\wvnfao30.sys
C:\WINDOWS\system32\KGyGaAvL.sys
C:\WINDOWS\system32\E1F801B44F.sys
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Documents and Settings\Camille\Mes documents\Mes images\Mes Photos\2006\8. Stage chez les 6. Pompiers Juillet-Aout 2006\SIV6.tmp
C:\Documents and Settings\Camille\Mes documents\Mes images\Mes Photos\2006\23. Prague R‚veillon 2006\Ville\SIV3.tmp
C:\Documents and Settings\Camille\Mes documents\Mes images\Mes Photos\2006\23. Prague R‚veillon 2006\Ville\SIV4.tmp
Listing User Accounts:
Administrateur Camille HelpAssistant
Invit‚ SUPPORT_388945a0
La commande s'est termin‚e correctement.
Finished
==============================================
Pour Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 20:29:59, on 23/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Camille\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com.tw/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Auto EPSON Stylus D88 Series sur COLLIN-JP] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P42 "Auto EPSON Stylus D88 Series sur COLLIN-JP" /O22 "\\COLLIN-JP\Imprimante" /M "Stylus D88"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
Re,
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
Re,
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
Lassé par la pub ? Créez un compte
