Besoin aide pour Rapport HijackThis
Dernière réponse : dans Sécurité
[resolu]Bonjour à tous !
J'ai attrappé le virus msn dance_.jpg (me rappelle plus trop le nom)
J ai téléchargé Hijackthis, voila le rapport , que je ne sais ni lire , ni traiter.......![:??:]( ":??:")
Mon ordi rame, une minute par page ! c est l horreur![:kaola:]( ":kaola:")
communs\Microsoft Shared\Windows
Live\WLLoginProxy.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\Program Files\Trend
Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.d
ll
R3 - URLSearchHook: (no name) -
{9CB65206-89C4-402c-BA80-02D8C59F9B1D} -
C:\Program
Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper -
{02478D38-C3F9-4EFB-9B51-7695ECA05670} -
C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.d
ll
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper -
{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} -
C:\Program Files\eBay\eBay
Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO -
{5CFEE306-E014-48A4-876D-06FF09EBB0F3} -
C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) -
{7E853D72-626A-48EC-A868-BA8D5E23E045} -
(no file)
O2 - BHO: Programme d'aide de l'Assistant
de connexion Windows Live -
{9030D464-4C02-4ABF-8ECC-5164760863C6} -
C:\Program Files\Fichiers
communs\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO -
{9CB65201-89C4-402c-BA80-02D8C59F9B1D} -
C:\Program
Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program
files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -
C:\Program
Files\Google\GoogleToolbarNotifier\2.0.30
1.7164\swg.dll
O2 - BHO: Ask Toolbar BHO -
{FE063DB1-4EC0-403e-8DD8-394C54984B2C} -
C:\Program
Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.d
ll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program
files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar -
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} -
C:\Program Files\eBay\eBay
Toolbar2\eBayTB.dll
O3 - Toolbar: Ask Toolbar -
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} -
C:\Program
Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath]
C:\WINDOWS\VM_STI.EXE Philips SPC210NC
Webcam
O4 - HKLM\..\Run: [InCD] C:\Program
Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program
Files\Fichiers
communs\Real\Update_OB\realsched.exe"
-osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LXCDCATS] rundll32
C:\WINDOWS\System32\spool\DRIVERS\W32X86\
3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\Google
ToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail]
C:\Program
Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program
Files\MSN Messenger\MsnMsgr.Exe"
/background
O4 - HKCU\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A
56B10AA}] "C:\Program Files\Fichiers
communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk =
C:\Program Files\OpenOffice.org
2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide
d'Adobe Reader.lnk = C:\Program
Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
O4 - Global Startup: TransText.lnk =
C:\Program
Files\ChaosSoft\TransText\TransText.exe
O4 - Global Startup: TrayMin210.exe.lnk =
?
O4 - Global Startup: Windows Desktop
Search.lnk = C:\Program Files\Windows
Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &eBay
Search - res://C:\Program Files\eBay\eBay
Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java
(Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows
Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O16 - DPF:
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
(YInstStarter Class) - C:\Program
Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF:
{315B0BFB-2BD4-481B-80A3-A9B80727C61B}
(WebIQ Engine Application Object) -
http://webiq005.webiqonline.com/WebIQ/Dat
aServer/Pub/DataServer.dll?Handler=GetEng
ineDistribution&EDID={896A23A1-5821-4609-
A6C6-6D5536C585C9}
O16 - DPF:
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}
(MSN Photo Upload Tool) -
http://lamourgouyette.spaces.live.com//Ph
otoUpload/MsnPUpld.cab
O16 - DPF:
{5D6F45B3-9043-443D-A792-115447494D24}
(UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO
1/GAME_UNO1.cab
O16 - DPF:
{6414512B-B978-451D-A0D8-FCFDF33E833C}
(WUWebControl Class) -
http://update.microsoft.com/windowsupdate
/v6/V5Controls/en/x86/client/wuweb_site.c
ab?1171287600390
O16 - DPF:
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.microsoft.com/microsoftupda
te/v6/V5Controls/en/x86/client/muweb_site
.cab?1179348450984
O16 - DPF:
{7FC1B346-83E6-4774-8D20-1A6B09B0E737}
(Windows Live Photo Upload Control) -
http://lamourgouyette.spaces.live.com/Pho
toUpload/MsnPUpld.cab
O16 - DPF:
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Mess
engerStatsClient.cab31267.cab
O16 - DPF:
{AB86CE53-AC9F-449F-9399-D8ABCA09EC09}
(Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JAVA/Sec
ure/HPGetDownloadManager.ocx
O16 - DPF:
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}
(a-squared Scanner) -
http://ax.emsisoft.com/asquared.cab
O16 - DPF:
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Mess
engerStatsPAClient.cab56907.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{B13FD7
72-BEA9-40A7-B1BC-C5753A207CBF}:
NameServer =
130.244.127.161,130.244.127.162
O17 -
HKLM\System\CCS\Services\Tcpip\..\{B811B7
C9-2432-480F-B1A1-920D432E382F}:
NameServer = 212.151.136.246
212.151.137.166
O18 - Filter: application/xhtml+xml;
charset=iso-8859-1 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml;
charset=utf-8 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml;
charset=iso-8859-1 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O23 - Service: avast! iAVS4 Control
Service (aswUpdSv) - ALWIL Software -
C:\Program Files\Alwil
Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL
Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner -
ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL
Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard -
GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware
7.5\guard.exe
O23 - Service: Boonty Games - BOONTY -
C:\Program Files\Fichiers communs\BOONTY
Shared\Service\Boonty.exe
O23 - Service: Google Updater Service
(gusvc) - Google - C:\Program
Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) -
AHEAD Software - C:\Program
Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown
owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) -
Unknown owner - C:\Program
Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService -
Unknown owner - C:\Program Files\Fichiers
communs\Ahead\Lib\NMIndexingService.exe
(file missing)
O23 - Service: ServiceLayer - Nokia. -
C:\Program Files\PC Connectivity
Solution\ServiceLayer.exe
--
End of file - 10755 bytes
Merci pour votre aide
J'ai attrappé le virus msn dance_.jpg (me rappelle plus trop le nom)
J ai téléchargé Hijackthis, voila le rapport , que je ne sais ni lire , ni traiter.......
Mon ordi rame, une minute par page ! c est l horreur
communs\Microsoft Shared\Windows
Live\WLLoginProxy.exe
C:\Program Files\Internet
Explorer\iexplore.exe
C:\Program Files\Trend
Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.d
ll
R3 - URLSearchHook: (no name) -
{9CB65206-89C4-402c-BA80-02D8C59F9B1D} -
C:\Program
Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper -
{02478D38-C3F9-4EFB-9B51-7695ECA05670} -
C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.d
ll
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper -
{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} -
C:\Program Files\eBay\eBay
Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO -
{5CFEE306-E014-48A4-876D-06FF09EBB0F3} -
C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) -
{7E853D72-626A-48EC-A868-BA8D5E23E045} -
(no file)
O2 - BHO: Programme d'aide de l'Assistant
de connexion Windows Live -
{9030D464-4C02-4ABF-8ECC-5164760863C6} -
C:\Program Files\Fichiers
communs\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO -
{9CB65201-89C4-402c-BA80-02D8C59F9B1D} -
C:\Program
Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program
files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -
C:\Program
Files\Google\GoogleToolbarNotifier\2.0.30
1.7164\swg.dll
O2 - BHO: Ask Toolbar BHO -
{FE063DB1-4EC0-403e-8DD8-394C54984B2C} -
C:\Program
Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar -
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program
Files\Yahoo!\Companion\Installs\cpn0\yt.d
ll
O3 - Toolbar: &Google -
{2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program
files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar -
{92085AD4-F48A-450D-BD93-B28CC7DF67CE} -
C:\Program Files\eBay\eBay
Toolbar2\eBayTB.dll
O3 - Toolbar: Ask Toolbar -
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} -
C:\Program
Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [avast!]
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath]
C:\WINDOWS\VM_STI.EXE Philips SPC210NC
Webcam
O4 - HKLM\..\Run: [InCD] C:\Program
Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program
Files\Fichiers
communs\Real\Update_OB\realsched.exe"
-osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LXCDCATS] rundll32
C:\WINDOWS\System32\spool\DRIVERS\W32X86\
3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\Google
ToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail]
C:\Program
Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program
Files\MSN Messenger\MsnMsgr.Exe"
/background
O4 - HKCU\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A
56B10AA}] "C:\Program Files\Fichiers
communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic]
C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User
'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk =
C:\Program Files\OpenOffice.org
2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide
d'Adobe Reader.lnk = C:\Program
Files\Adobe\Acrobat
7.0\Reader\reader_sl.exe
O4 - Global Startup: TransText.lnk =
C:\Program
Files\ChaosSoft\TransText\TransText.exe
O4 - Global Startup: TrayMin210.exe.lnk =
?
O4 - Global Startup: Windows Desktop
Search.lnk = C:\Program Files\Windows
Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &eBay
Search - res://C:\Program Files\eBay\eBay
Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java
(Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows
Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O16 - DPF:
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
(YInstStarter Class) - C:\Program
Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF:
{315B0BFB-2BD4-481B-80A3-A9B80727C61B}
(WebIQ Engine Application Object) -
http://webiq005.webiqonline.com/WebIQ/Dat
aServer/Pub/DataServer.dll?Handler=GetEng
ineDistribution&EDID={896A23A1-5821-4609-
A6C6-6D5536C585C9}
O16 - DPF:
{4F1E5B1A-2A80-42CA-8532-2D05CB959537}
(MSN Photo Upload Tool) -
http://lamourgouyette.spaces.live.com//Ph
otoUpload/MsnPUpld.cab
O16 - DPF:
{5D6F45B3-9043-443D-A792-115447494D24}
(UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO
1/GAME_UNO1.cab
O16 - DPF:
{6414512B-B978-451D-A0D8-FCFDF33E833C}
(WUWebControl Class) -
http://update.microsoft.com/windowsupdate
/v6/V5Controls/en/x86/client/wuweb_site.c
ab?1171287600390
O16 - DPF:
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.microsoft.com/microsoftupda
te/v6/V5Controls/en/x86/client/muweb_site
.cab?1179348450984
O16 - DPF:
{7FC1B346-83E6-4774-8D20-1A6B09B0E737}
(Windows Live Photo Upload Control) -
http://lamourgouyette.spaces.live.com/Pho
toUpload/MsnPUpld.cab
O16 - DPF:
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Mess
engerStatsClient.cab31267.cab
O16 - DPF:
{AB86CE53-AC9F-449F-9399-D8ABCA09EC09}
(Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JAVA/Sec
ure/HPGetDownloadManager.ocx
O16 - DPF:
{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9}
(a-squared Scanner) -
http://ax.emsisoft.com/asquared.cab
O16 - DPF:
{C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Mess
engerStatsPAClient.cab56907.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{B13FD7
72-BEA9-40A7-B1BC-C5753A207CBF}:
NameServer =
130.244.127.161,130.244.127.162
O17 -
HKLM\System\CCS\Services\Tcpip\..\{B811B7
C9-2432-480F-B1A1-920D432E382F}:
NameServer = 212.151.136.246
212.151.137.166
O18 - Filter: application/xhtml+xml;
charset=iso-8859-1 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml;
charset=utf-8 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml;
charset=iso-8859-1 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 -
{32F66A26-7614-11D4-BD11-00104BD3F987} -
C:\Program Files\Design
Science\MathPlayer\MathMLMimer.dll
O23 - Service: avast! iAVS4 Control
Service (aswUpdSv) - ALWIL Software -
C:\Program Files\Alwil
Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL
Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner -
ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL
Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard -
GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware
7.5\guard.exe
O23 - Service: Boonty Games - BOONTY -
C:\Program Files\Fichiers communs\BOONTY
Shared\Service\Boonty.exe
O23 - Service: Google Updater Service
(gusvc) - Google - C:\Program
Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) -
AHEAD Software - C:\Program
Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown
owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) -
Unknown owner - C:\Program
Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService -
Unknown owner - C:\Program Files\Fichiers
communs\Ahead\Lib\NMIndexingService.exe
(file missing)
O23 - Service: ServiceLayer - Nokia. -
C:\Program Files\PC Connectivity
Solution\ServiceLayer.exe
--
End of file - 10755 bytes
Merci pour votre aide
Autres pages sur : besoin aide rapport hijackthis
Lassé par la pub ? Créez un compte
bonjour
ton rapport n'est pas complet et difficilement lisible, poste en un comme suit:
~Lance Hijackthis.exe "do a system scan & save log file",et fais un copier coller du rapport généré dans ton prochain post.
AIDE : Comment utiliser Hijackthis v2.0.2
ton rapport n'est pas complet et difficilement lisible, poste en un comme suit:
~Lance Hijackthis.exe "do a system scan & save log file",et fais un copier coller du rapport généré dans ton prochain post.
AIDE : Comment utiliser Hijackthis v2.0.2
merci !
voila j ai refait, et copier-coller, ca donne ca :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:00:20, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ChaosSoft\TransText\TransText.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TransText.lnk = C:\Program Files\ChaosSoft\TransText\TransText.exe
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.246 212.151.137.166
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10854 bytes
voila j ai refait, et copier-coller, ca donne ca :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:00:20, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ChaosSoft\TransText\TransText.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TransText.lnk = C:\Program Files\ChaosSoft\TransText\TransText.exe
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.246 212.151.137.166
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10854 bytes
j ai aussi fait un MSNFix , ca donne ca :
MSNFix 1.576
C:\Documents and Settings\admin\Bureau\MSNFix
Fix exécuté le 14/11/2007 - 15:44:46,01 By admin
mode normal
************************ Recherche les fichiers présents
... C:\ir-1-1148.exe
************************ MSNCHK ***** /!\ beta test /!\
************************ Recherche les dossiers présents
... C:\PROGRA~1\Temporary\
... C:\PROGRA~1\WinAble\
... C:\Temp\
************************ Suppression des fichiers
.. OK ... C:\ir-1-1148.exe
.. OK ... C:\ir-1-1148.exe
************************ Suppression des dossiers
.. OK ... C:\PROGRA~1\Temporary\
.. OK ... C:\PROGRA~1\WinAble\
.. OK ... C:\Temp\
************************ Nettoyage du registre
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\Documents and Settings\admin\bcgfvx.exe] 744E4B10DECA7A5E43B299F566136BBF
[C:\Documents and Settings\admin\bthurn.exe] 917943D2DC9388F4CD4BFF651B933210
[C:\Documents and Settings\admin\caivoi.exe] 7483D3CB16EEA58D1D27ED1E03106A56
[C:\Documents and Settings\admin\cxrbpr.exe] E61B80CA62EB9B4FF9A1B895121175A9
[C:\Documents and Settings\admin\dowckb.exe] 07B4CA5B2CF87E7D1E242C2A3D9684EB
[C:\Documents and Settings\admin\fqxxcw.exe] 9E8897041AEFABCDDBE7F658E8D64634
[C:\Documents and Settings\admin\ihjqkw.exe] 7B02426909F1BE400B5449CB3705DEDC
[C:\Documents and Settings\admin\ikvyuu.exe] C96A959CAB6209596C6DF11FB7595AC7
[C:\Documents and Settings\admin\jovaiv.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\Documents and Settings\admin\nptqyq.exe] DFF3DF5035474A56A2AB51BB6AD0A1F1
[C:\Documents and Settings\admin\whhamf.exe] 2259C6AF4D4349D90F8B3CC18B75B33F
[C:\Documents and Settings\admin\ypsouk.exe] FB25E687C2206EA03791AF18C88AEBAA
[C:\Documents and Settings\admin\zowrxm.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\PROGRA~1\cursorxp_free.exe] 4E20300482179B0C47C1F9B072679D1B
[C:\PROGRA~1\InstMsiA.Exe] CD91A545478263B4E6902E7D5932077D
[C:\PROGRA~1\InstMsiW.Exe] D0EF61E0A6EB919BA51229D14C3EF5D5
[C:\PROGRA~1\openoffice-org_openoffice.org_2.1.0_francais_10677.exe] CE73C15291EE609CFCD4E8E4A2DE8A33
[C:\PROGRA~1\setup dont see.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\SETUP.EXE] DC38A8BAA941F7F7529B2EE1E2714921
[C:\PROGRA~1\setup1.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\setupfre.exe] B17B55B062BA384869F65763084A5324
[C:\PROGRA~1\TVUPlayer2.3.0.exe] 68BF852DD8E5E62729C8EE2EA30B67DA
[C:\PROGRA~1\_ISDEL.EXE] C3200E3277AEF0E5D150D797AA62D55F
==> SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 14112007_15465640.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END
MSNFix 1.576
C:\Documents and Settings\admin\Bureau\MSNFix
Fix exécuté le 14/11/2007 - 15:44:46,01 By admin
mode normal
************************ Recherche les fichiers présents
... C:\ir-1-1148.exe
************************ MSNCHK ***** /!\ beta test /!\
************************ Recherche les dossiers présents
... C:\PROGRA~1\Temporary\
... C:\PROGRA~1\WinAble\
... C:\Temp\
************************ Suppression des fichiers
.. OK ... C:\ir-1-1148.exe
.. OK ... C:\ir-1-1148.exe
************************ Suppression des dossiers
.. OK ... C:\PROGRA~1\Temporary\
.. OK ... C:\PROGRA~1\WinAble\
.. OK ... C:\Temp\
************************ Nettoyage du registre
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\Documents and Settings\admin\bcgfvx.exe] 744E4B10DECA7A5E43B299F566136BBF
[C:\Documents and Settings\admin\bthurn.exe] 917943D2DC9388F4CD4BFF651B933210
[C:\Documents and Settings\admin\caivoi.exe] 7483D3CB16EEA58D1D27ED1E03106A56
[C:\Documents and Settings\admin\cxrbpr.exe] E61B80CA62EB9B4FF9A1B895121175A9
[C:\Documents and Settings\admin\dowckb.exe] 07B4CA5B2CF87E7D1E242C2A3D9684EB
[C:\Documents and Settings\admin\fqxxcw.exe] 9E8897041AEFABCDDBE7F658E8D64634
[C:\Documents and Settings\admin\ihjqkw.exe] 7B02426909F1BE400B5449CB3705DEDC
[C:\Documents and Settings\admin\ikvyuu.exe] C96A959CAB6209596C6DF11FB7595AC7
[C:\Documents and Settings\admin\jovaiv.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\Documents and Settings\admin\nptqyq.exe] DFF3DF5035474A56A2AB51BB6AD0A1F1
[C:\Documents and Settings\admin\whhamf.exe] 2259C6AF4D4349D90F8B3CC18B75B33F
[C:\Documents and Settings\admin\ypsouk.exe] FB25E687C2206EA03791AF18C88AEBAA
[C:\Documents and Settings\admin\zowrxm.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\PROGRA~1\cursorxp_free.exe] 4E20300482179B0C47C1F9B072679D1B
[C:\PROGRA~1\InstMsiA.Exe] CD91A545478263B4E6902E7D5932077D
[C:\PROGRA~1\InstMsiW.Exe] D0EF61E0A6EB919BA51229D14C3EF5D5
[C:\PROGRA~1\openoffice-org_openoffice.org_2.1.0_francais_10677.exe] CE73C15291EE609CFCD4E8E4A2DE8A33
[C:\PROGRA~1\setup dont see.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\SETUP.EXE] DC38A8BAA941F7F7529B2EE1E2714921
[C:\PROGRA~1\setup1.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\setupfre.exe] B17B55B062BA384869F65763084A5324
[C:\PROGRA~1\TVUPlayer2.3.0.exe] 68BF852DD8E5E62729C8EE2EA30B67DA
[C:\PROGRA~1\_ISDEL.EXE] C3200E3277AEF0E5D150D797AA62D55F
==> SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 14112007_15465640.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END
bonsoir
fais ça stp:
1
Télécharge BTFix de Bibi26.
Dézippe l'archive sur ton Bureau.
Ouvre le dossier BTFix.
Double clique sur BTFix.exe.
Clique sur Rechercher.
Un rapport va apparaître, copie/colle-le dans ta prochaine réponse.
2
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
fais ça stp:
Citation :
SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr1
Télécharge BTFix de Bibi26.
2
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
Merci beaucoup !! , je desesperais.........
Novice sur les posts, désolée pour le doublon...
Depuis, J ai installé antivir : 22 virus supprimés, dont des trojans mais ca rame toujours
RESULTAT NAVILOG :
Search Navipromo version 3.3.6 commencé le 15/11/2007 à 0:43:29,79
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\admin\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\ADMIN\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans C:\DOCUME~1\ADMIN\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 15/11/2007 à 0:44:13,03 ***
POUR BTFix : RESULTAT
BTFix 1.060 (par bibi26) - 15/11/2007 00:50:00 - Analyse
Lancé depuis C:\Documents and Settings\admin\Bureau\BTFix\BTFix.exe
---> Fichiers/Dossiers trouvés
- C:\Program Files\AskTBar
---> Analyse terminée
Novice sur les posts, désolée pour le doublon...
Depuis, J ai installé antivir : 22 virus supprimés, dont des trojans mais ca rame toujours
RESULTAT NAVILOG :
Search Navipromo version 3.3.6 commencé le 15/11/2007 à 0:43:29,79
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\admin\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\ADMIN\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans C:\DOCUME~1\ADMIN\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 15/11/2007 à 0:44:13,03 ***
POUR BTFix : RESULTAT
BTFix 1.060 (par bibi26) - 15/11/2007 00:50:00 - Analyse
Lancé depuis C:\Documents and Settings\admin\Bureau\BTFix\BTFix.exe
---> Fichiers/Dossiers trouvés
- C:\Program Files\AskTBar
---> Analyse terminée
EST CE KIL FAUT FAIRE AUSSI CE KIL Y A DANS L ENCADRE "CITATION" ??? :
Citation :
SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
Citation :
SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
bonsoir
pas de majuscules stp
Citation :
SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
oui puisque je te le demande...
fais également le point 1 avec BTFix, j'attends ton rapport.
pas de majuscules stp
Citation :
EST CE KIL FAUT FAIRE AUSSI CE KIL Y A DANS L ENCADRE "CITATION" ??? :Citation :
SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
oui puisque je te le demande...
fais également le point 1 avec BTFix, j'attends ton rapport.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:12:42, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\admin\Bureau\BTFix\BTFix\BTFix.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin210.exe.lnk = C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.242 193.12.150.22
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10087 bytes
Scan saved at 14:12:42, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\admin\Bureau\BTFix\BTFix\BTFix.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin210.exe.lnk = C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.242 193.12.150.22
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10087 bytes
bonjour
supprime MSNFix et son rapport
puis retélécharge le et refais un passage.
comme tu as utilisé antivir, je ne sais pas où sont maintenant les fichiers suspects qu'il avait detecté:
[C:\Documents and Settings\admin\bcgfvx.exe] 744E4B10DECA7A5E43B299F566136BBF
[C:\Documents and Settings\admin\bthurn.exe] 917943D2DC9388F4CD4BFF651B933210
[C:\Documents and Settings\admin\caivoi.exe] 7483D3CB16EEA58D1D27ED1E03106A56
[C:\Documents and Settings\admin\cxrbpr.exe] E61B80CA62EB9B4FF9A1B895121175A9
[C:\Documents and Settings\admin\dowckb.exe] 07B4CA5B2CF87E7D1E242C2A3D9684EB
[C:\Documents and Settings\admin\fqxxcw.exe] 9E8897041AEFABCDDBE7F658E8D64634
[C:\Documents and Settings\admin\ihjqkw.exe] 7B02426909F1BE400B5449CB3705DEDC
[C:\Documents and Settings\admin\ikvyuu.exe] C96A959CAB6209596C6DF11FB7595AC7
[C:\Documents and Settings\admin\jovaiv.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\Documents and Settings\admin\nptqyq.exe] DFF3DF5035474A56A2AB51BB6AD0A1F1
[C:\Documents and Settings\admin\whhamf.exe] 2259C6AF4D4349D90F8B3CC18B75B33F
[C:\Documents and Settings\admin\ypsouk.exe] FB25E687C2206EA03791AF18C88AEBAA
[C:\Documents and Settings\admin\zowrxm.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\PROGRA~1\cursorxp_free.exe] 4E20300482179B0C47C1F9B072679D1B
[C:\PROGRA~1\InstMsiA.Exe] CD91A545478263B4E6902E7D5932077D
[C:\PROGRA~1\InstMsiW.Exe] D0EF61E0A6EB919BA51229D14C3EF5D5
[C:\PROGRA~1\openoffice-org_openoffice.org_2.1.0_francais_10677.exe] CE73C15291EE609CFCD4E8E4A2DE8A33
[C:\PROGRA~1\setup dont see.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\SETUP.EXE] DC38A8BAA941F7F7529B2EE1E2714921
[C:\PROGRA~1\setup1.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\setupfre.exe] B17B55B062BA384869F65763084A5324
[C:\PROGRA~1\TVUPlayer2.3.0.exe] 68BF852DD8E5E62729C8EE2EA30B67DA
[C:\PROGRA~1\_ISDEL.EXE] C3200E3277AEF0E5D150D797AA62D55F
supprime MSNFix et son rapport
puis retélécharge le et refais un passage.
comme tu as utilisé antivir, je ne sais pas où sont maintenant les fichiers suspects qu'il avait detecté:
Citation :
!\ ces fichiers nécessitent un avis expérimenté avant toute intervention [C:\Documents and Settings\admin\bcgfvx.exe] 744E4B10DECA7A5E43B299F566136BBF
[C:\Documents and Settings\admin\bthurn.exe] 917943D2DC9388F4CD4BFF651B933210
[C:\Documents and Settings\admin\caivoi.exe] 7483D3CB16EEA58D1D27ED1E03106A56
[C:\Documents and Settings\admin\cxrbpr.exe] E61B80CA62EB9B4FF9A1B895121175A9
[C:\Documents and Settings\admin\dowckb.exe] 07B4CA5B2CF87E7D1E242C2A3D9684EB
[C:\Documents and Settings\admin\fqxxcw.exe] 9E8897041AEFABCDDBE7F658E8D64634
[C:\Documents and Settings\admin\ihjqkw.exe] 7B02426909F1BE400B5449CB3705DEDC
[C:\Documents and Settings\admin\ikvyuu.exe] C96A959CAB6209596C6DF11FB7595AC7
[C:\Documents and Settings\admin\jovaiv.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\Documents and Settings\admin\nptqyq.exe] DFF3DF5035474A56A2AB51BB6AD0A1F1
[C:\Documents and Settings\admin\whhamf.exe] 2259C6AF4D4349D90F8B3CC18B75B33F
[C:\Documents and Settings\admin\ypsouk.exe] FB25E687C2206EA03791AF18C88AEBAA
[C:\Documents and Settings\admin\zowrxm.exe] 6CBB4C0ED2E2575084F4BF5198B6C584
[C:\PROGRA~1\cursorxp_free.exe] 4E20300482179B0C47C1F9B072679D1B
[C:\PROGRA~1\InstMsiA.Exe] CD91A545478263B4E6902E7D5932077D
[C:\PROGRA~1\InstMsiW.Exe] D0EF61E0A6EB919BA51229D14C3EF5D5
[C:\PROGRA~1\openoffice-org_openoffice.org_2.1.0_francais_10677.exe] CE73C15291EE609CFCD4E8E4A2DE8A33
[C:\PROGRA~1\setup dont see.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\SETUP.EXE] DC38A8BAA941F7F7529B2EE1E2714921
[C:\PROGRA~1\setup1.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\setupfre.exe] B17B55B062BA384869F65763084A5324
[C:\PROGRA~1\TVUPlayer2.3.0.exe] 68BF852DD8E5E62729C8EE2EA30B67DA
[C:\PROGRA~1\_ISDEL.EXE] C3200E3277AEF0E5D150D797AA62D55F
MSNFix 1.581
C:\Documents and Settings\admin\Bureau\MSNFix\MSNFix
Fix exécuté le 17/11/2007 - 22:38:02,15 By admin
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\Documents and Settings\admin\bcgfvx.exe] 744E4B10DECA7A5E43B299F566136BBF
[C:\PROGRA~1\cursorxp_free.exe] 4E20300482179B0C47C1F9B072679D1B
[C:\PROGRA~1\InstMsiA.Exe] CD91A545478263B4E6902E7D5932077D
[C:\PROGRA~1\InstMsiW.Exe] D0EF61E0A6EB919BA51229D14C3EF5D5
[C:\PROGRA~1\openoffice-org_openoffice.org_2.1.0_francais_10677.exe] CE73C15291EE609CFCD4E8E4A2DE8A33
[C:\PROGRA~1\setup dont see.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\SETUP.EXE] DC38A8BAA941F7F7529B2EE1E2714921
[C:\PROGRA~1\setup1.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\setupfre.exe] B17B55B062BA384869F65763084A5324
[C:\PROGRA~1\TVUPlayer2.3.0.exe] 68BF852DD8E5E62729C8EE2EA30B67DA
[C:\PROGRA~1\_ISDEL.EXE] C3200E3277AEF0E5D150D797AA62D55F
==> SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END --------------------------------------------
C:\Documents and Settings\admin\Bureau\MSNFix\MSNFix
Fix exécuté le 17/11/2007 - 22:38:02,15 By admin
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\Documents and Settings\admin\bcgfvx.exe] 744E4B10DECA7A5E43B299F566136BBF
[C:\PROGRA~1\cursorxp_free.exe] 4E20300482179B0C47C1F9B072679D1B
[C:\PROGRA~1\InstMsiA.Exe] CD91A545478263B4E6902E7D5932077D
[C:\PROGRA~1\InstMsiW.Exe] D0EF61E0A6EB919BA51229D14C3EF5D5
[C:\PROGRA~1\openoffice-org_openoffice.org_2.1.0_francais_10677.exe] CE73C15291EE609CFCD4E8E4A2DE8A33
[C:\PROGRA~1\setup dont see.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\SETUP.EXE] DC38A8BAA941F7F7529B2EE1E2714921
[C:\PROGRA~1\setup1.exe] 7E169517E0E57B39E2A7C331347887B3
[C:\PROGRA~1\setupfre.exe] B17B55B062BA384869F65763084A5324
[C:\PROGRA~1\TVUPlayer2.3.0.exe] 68BF852DD8E5E62729C8EE2EA30B67DA
[C:\PROGRA~1\_ISDEL.EXE] C3200E3277AEF0E5D150D797AA62D55F
==> SVP merci d'envoyer le fichier C:\DOCUME~1\admin\Bureau\Upload_Me.zip sur http://upload.changelog.fr
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END --------------------------------------------
bonsoir
supprime:
C:\Documents and Settings\admin\bcgfvx.exe
analyse:
C:\Program Files\setup dont see.exe
C:\Program Files\setup1.exe
C:\Program Files\setupfre.exe
Sur le site de virusscan
http://virusscan.jotti.org/
poste-nous les rapports.
supprime:
C:\Documents and Settings\admin\bcgfvx.exe
analyse:
C:\Program Files\setup dont see.exe
C:\Program Files\setup1.exe
C:\Program Files\setupfre.exe
Sur le site de virusscan
http://virusscan.jotti.org/
poste-nous les rapports.
Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1
File to upload & scan:
Service
Service load: 0% 100%
File: setup1.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 7e169517e0e57b39e2a7c331347887b3
Packers detected: -
Bit9 reports: No threat detected (more info)
Scanner results
Scan taken on 18 Nov 2007 18:18:55 (GMT)
A-Squared Found Trojan-Downloader.Win32.Agent.bkw
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Powered by
Disclaimer
This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.
Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.
Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.
Virus definitions are updated every hour. There is a 10Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.
Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all.
Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, HotelScraper.com, people who donated in the past, and some people who prefer to remain anonymous... many thanks to all!
--------------------------------------------------------------------------------
Statistics
Last file scanned at least one scanner reported something about: EVO_Script.exe (MD5: 0c9a6d0c12a038b6d776626c56110b11, size: 1461291 bytes), detected by:
Scanner Malware name
A-Squared X
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV X
CPsecure X
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus not-a-virus:Client-IRC.Win32.mIRC.614 (6, 2, 601)
Fortinet X
Kaspersky Anti-Virus not-a-virus:Client-IRC.Win32.mIRC.614
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 X
You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
We are not affiliated with any third parties that conduct tests using this service.
Frequently asked questions - Feedback - Privacy policy
Page generated by JTPL
© 2004-2007 Jordi Bosveld <jotti@jotti.org>
File to upload & scan:
Service
Service load: 0% 100%
File: setup1.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 7e169517e0e57b39e2a7c331347887b3
Packers detected: -
Bit9 reports: No threat detected (more info)
Scanner results
Scan taken on 18 Nov 2007 18:18:55 (GMT)
A-Squared Found Trojan-Downloader.Win32.Agent.bkw
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Powered by
Disclaimer
This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.
Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.
Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.
Virus definitions are updated every hour. There is a 10Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.
Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all.
Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, HotelScraper.com, people who donated in the past, and some people who prefer to remain anonymous... many thanks to all!
--------------------------------------------------------------------------------
Statistics
Last file scanned at least one scanner reported something about: EVO_Script.exe (MD5: 0c9a6d0c12a038b6d776626c56110b11, size: 1461291 bytes), detected by:
Scanner Malware name
A-Squared X
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV X
CPsecure X
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus not-a-virus:Client-IRC.Win32.mIRC.614 (6, 2, 601)
Fortinet X
Kaspersky Anti-Virus not-a-virus:Client-IRC.Win32.mIRC.614
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 X
You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
We are not affiliated with any third parties that conduct tests using this service.
Frequently asked questions - Feedback - Privacy policy
Page generated by JTPL
© 2004-2007 Jordi Bosveld <jotti@jotti.org>
Jotti's malware scan 2.99-TRANSITION_TO_3.00-R1
File to upload & scan:
Service
Service load: 0% 100%
File: setup_dont_see.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 7e169517e0e57b39e2a7c331347887b3
Packers detected: -
Bit9 reports: No threat detected (more info)
Scanner results
Scan taken on 18 Nov 2007 18:21:53 (GMT)
A-Squared Found Trojan-Downloader.Win32.Agent.bkw
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Powered by
Disclaimer
This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.
Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.
Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.
Virus definitions are updated every hour. There is a 10Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.
Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all.
Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, HotelScraper.com, people who donated in the past, and some people who prefer to remain anonymous... many thanks to all!
--------------------------------------------------------------------------------
Statistics
Last file scanned at least one scanner reported something about: 3836218.exe (MD5: 420507e57c798fbab444e806d313d1f3, size: 1536 bytes), detected by:
Scanner Malware name
A-Squared X
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV Trojan.Small-4253
CPsecure W32.Virut.N
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus X
Fortinet X
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 X
You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
We are not affiliated with any third parties that conduct tests using this service.
Frequently asked questions - Feedback - Privacy policy
Page generated by JTPL
© 2004-2007 Jordi Bosveld <jotti@jotti.org>
File to upload & scan:
Service
Service load: 0% 100%
File: setup_dont_see.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 7e169517e0e57b39e2a7c331347887b3
Packers detected: -
Bit9 reports: No threat detected (more info)
Scanner results
Scan taken on 18 Nov 2007 18:21:53 (GMT)
A-Squared Found Trojan-Downloader.Win32.Agent.bkw
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Powered by
Disclaimer
This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.
Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.
Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.
Virus definitions are updated every hour. There is a 10Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.
Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all.
Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, HotelScraper.com, people who donated in the past, and some people who prefer to remain anonymous... many thanks to all!
--------------------------------------------------------------------------------
Statistics
Last file scanned at least one scanner reported something about: 3836218.exe (MD5: 420507e57c798fbab444e806d313d1f3, size: 1536 bytes), detected by:
Scanner Malware name
A-Squared X
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV Trojan.Small-4253
CPsecure W32.Virut.N
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus X
Fortinet X
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 X
You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
We are not affiliated with any third parties that conduct tests using this service.
Frequently asked questions - Feedback - Privacy policy
Page generated by JTPL
© 2004-2007 Jordi Bosveld <jotti@jotti.org>
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:59, on 18/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Roland Garros 2007\oneclick.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Documents and Settings\admin\Bureau\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [rg] C:\Program Files\Roland Garros 2007\oneclick.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin210.exe.lnk = C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.242 193.12.150.22
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10417 bytes
Scan saved at 21:23:59, on 18/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Roland Garros 2007\oneclick.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Documents and Settings\admin\Bureau\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [rg] C:\Program Files\Roland Garros 2007\oneclick.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin210.exe.lnk = C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/Pub/Da...{896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.242 193.12.150.22
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10417 bytes
re
~Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
~Lance Hijackthis “Do a system scan only”.
Coche les lignes qui suivent si encore présentes et uniquement celles-là.
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/We [...] 536C585C9}
Clique sur Fix checked (en bas à gauche)
Sélectionne TOUS les emplacements en gras ci-dessous :
C:\Program Files\ADS Plugins
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
~Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
~Lance Hijackthis “Do a system scan only”.
Coche les lignes qui suivent si encore présentes et uniquement celles-là.
O2 - BHO: EnigmaBHO - {5CFEE306-E014-48A4-876D-06FF09EBB0F3} - C:\Program Files\ADS Plugins\Enigma.dll
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/We [...] 536C585C9}
Clique sur Fix checked (en bas à gauche)
Sélectionne TOUS les emplacements en gras ci-dessous :
C:\Program Files\ADS Plugins
---> Clique-droit puis Copier (ou Ctrl+C)
Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]
[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
Bonsoir,
En effet , ca ligne c etait une 02.
J ai supprime le dossier avec suppression de programme
J ai du faire "rechercher" pour trouver le dossier dans c![:p]( ":p")
rogrammes files, car il n apparaissait pas dans la liste des programmes.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:30:25, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Roland Garros 2007\oneclick.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rsvp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\admin\Bureau\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [rg] C:\Program Files\Roland Garros 2007\oneclick.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.246 193.12.150.22
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10490 bytes
En effet , ca ligne c etait une 02.
J ai supprime le dossier avec suppression de programme
J ai du faire "rechercher" pour trouver le dossier dans c
rogrammes files, car il n apparaissait pas dans la liste des programmes.Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:30:25, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Roland Garros 2007\oneclick.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rsvp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\admin\Bureau\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [rg] C:\Program Files\Roland Garros 2007\oneclick.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?e14fc0c92d654736a77e61e4d6357fb9
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lamourgouyette.spaces.live.com//PhotoUpload/MsnP...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://lamourgouyette.spaces.live.com/PhotoUpload/MsnPU...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownl...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{B13FD772-BEA9-40A7-B1BC-C5753A207CBF}: NameServer = 130.244.127.161,130.244.127.162
O17 - HKLM\System\CCS\Services\Tcpip\..\{B811B7C9-2432-480F-B1A1-920D432E382F}: NameServer = 212.151.136.246 193.12.150.22
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10490 bytes
1/les pages internet sont toujours tres longues a venir.
2/ MSN ne bugg plus mais
3/je ne peux plus me servir du micro en conversation video MSN (pourtant il fonctionne, je l ai testé en enregistrement).
4/Les voix sont modifiées.
J 'ai telechargé de nouveaux drivers audio (AC97 je crois) , ce ne sont peut etre pas les bons drivers. (?)
2/ MSN ne bugg plus mais
3/je ne peux plus me servir du micro en conversation video MSN (pourtant il fonctionne, je l ai testé en enregistrement).
4/Les voix sont modifiées.
J 'ai telechargé de nouveaux drivers audio (AC97 je crois) , ce ne sont peut etre pas les bons drivers. (?)
Pour ce qui est des logiciels, essaye de poster ici:
http://www.infos-du-net.com/forum/forum-7.html
on va faire un peu de ménage:
~Télécharge CCleaner:
http://www.filehippo.com/download_ccleaner/
~Lors de l'installation décoche: "Ajouter la Barre d'Outils Yahoo! Ccleaner"
Clique sur le bouton nettoyeur, tu fais " lancer le nettoyage "
Clique sur le bouton erreurs, tu fais "chercher les erreurs ", puis "réparer les erreurs".
Tuto de CCleaner: (merci à Malekal) .
http://www.malekal.com/tutorial_CCleaner.html
Défragmente ton disque dur:
http://www.vulgarisation-informatique.com/defragmenter....
http://www.infos-du-net.com/forum/forum-7.html
on va faire un peu de ménage:
~Télécharge CCleaner:
http://www.filehippo.com/download_ccleaner/
~Lors de l'installation décoche: "Ajouter la Barre d'Outils Yahoo! Ccleaner"
Clique sur le bouton nettoyeur, tu fais " lancer le nettoyage "
Clique sur le bouton erreurs, tu fais "chercher les erreurs ", puis "réparer les erreurs".
Tuto de CCleaner: (merci à Malekal) .
http://www.malekal.com/tutorial_CCleaner.html
Défragmente ton disque dur:
http://www.vulgarisation-informatique.com/defragmenter....
J ai fait le ménage, réparé les erreurs et defragmenté le disque dur.
Peut on encore tenter quelque chose pour la vitesse d execution d internet ?
La vitesse est tres variable d'une page a l autre (sur votre site, c très lent, beaucoup de monde a se connecter ?)
Est ce ke antivir ralentit beaucoup le PC ?
J ai posté sur le forum que vous m avez indiqué pour le probleme de son.
Merci...
Peut on encore tenter quelque chose pour la vitesse d execution d internet ?
La vitesse est tres variable d'une page a l autre (sur votre site, c très lent, beaucoup de monde a se connecter ?)
Est ce ke antivir ralentit beaucoup le PC ?
J ai posté sur le forum que vous m avez indiqué pour le probleme de son.
Merci...
re
je ne pense plus que ce soit infectieux...
fais une analayse pour vérifier quand même:
Fais une analyse antivirus en ligne sur le site de Kaspersky
http://webscanner.kaspersky.fr/
~ Clique sur Online Scanner.
~Accepte l'installation du contrôle ActiveX en cliquant sur le bouton Install.
~Sélectionne le poste de travail comme analyse.
~Enregistre le rapport en cliquant sur le bouton "Enregistrer rapport sous". Nomme-le, tu feras un copier/coller dans ta prochaine réponse.
Aide
je ne pense plus que ce soit infectieux...
fais une analayse pour vérifier quand même:
Fais une analyse antivirus en ligne sur le site de Kaspersky
http://webscanner.kaspersky.fr/
~ Clique sur Online Scanner.
~Accepte l'installation du contrôle ActiveX en cliquant sur le bouton Install.
~Sélectionne le poste de travail comme analyse.
~Enregistre le rapport en cliquant sur le bouton "Enregistrer rapport sous". Nomme-le, tu feras un copier/coller dans ta prochaine réponse.
Aide
KASPERSKY ON-LINE SCANNER REPORT
Thursday, November 22, 2007 5:23:33 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 22/11/2007
Enregistrements dans la base antivirus Kaspersky : 435127
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
E:\
F:\
G:\
H:\
I:\
Statistiques de l'analyse
Total d'objets analysés 60441
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:52:15
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\admin\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Desktop Search\Logs\OTFSMonLog.txt L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Historique\History.IE5\MSHist012007112220071123\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Temp\~DF289F.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Temp\~DFCE76.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\admin\UserData\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.11.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.11.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy35.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_508.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{7530BD80-93B0-4679-8285-6EEBCCBC2463}\RP373\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{DF79F3B5-FB93-4EB9-8DB5-D1A1F99315AA}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\xpdx.sys L'objet est verrouillé ignoré
C:\WINDOWS\Temp\hsperfdata_SYSTEM\560 L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
Thursday, November 22, 2007 5:23:33 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 22/11/2007
Enregistrements dans la base antivirus Kaspersky : 435127
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
E:\
F:\
G:\
H:\
I:\
Statistiques de l'analyse
Total d'objets analysés 60441
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:52:15
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\admin\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Desktop Search\Logs\OTFSMonLog.txt L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Historique\History.IE5\MSHist012007112220071123\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Temp\~DF289F.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Temp\~DFCE76.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\admin\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\admin\UserData\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.11.Crwl L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.11.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.ci L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wsb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy35.gthr L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Ntf2.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_508.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{7530BD80-93B0-4679-8285-6EEBCCBC2463}\RP373\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{DF79F3B5-FB93-4EB9-8DB5-D1A1F99315AA}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\xpdx.sys L'objet est verrouillé ignoré
C:\WINDOWS\Temp\hsperfdata_SYSTEM\560 L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
Bonsoir,
Oui j ai toujours des lenteurs, avec IDN, mais sur les autres pages aussi.
J'ai appelé mon FAI (tele2): ca viendrait de ma ligne ! j ai eu des coupures intempestives il y a 6 mois , je les avais donc appelé à maintes reprises.
Ils me disent maintenant que ma ligne est trop loin de l antenne, ke j ai beaucoup trop de debit par rapport a ce kelle peut supporter, et peut etre il faudra faire une expertise complete de la ligne...
Tout ca au bout de 5 ans chez eux ! et avec un debit normal juska y a 6 mois...
J espère ke la solution viendra un jour...
Enfin bref, en tout cas merci pour tout, j 'ai beaucoup appris avec vous, Super Sham Rock !
Oui j ai toujours des lenteurs, avec IDN, mais sur les autres pages aussi.
J'ai appelé mon FAI (tele2): ca viendrait de ma ligne ! j ai eu des coupures intempestives il y a 6 mois , je les avais donc appelé à maintes reprises.
Ils me disent maintenant que ma ligne est trop loin de l antenne, ke j ai beaucoup trop de debit par rapport a ce kelle peut supporter, et peut etre il faudra faire une expertise complete de la ligne...
Tout ca au bout de 5 ans chez eux ! et avec un debit normal juska y a 6 mois...
J espère ke la solution viendra un jour...
Enfin bref, en tout cas merci pour tout, j 'ai beaucoup appris avec vous, Super Sham Rock !
bonjour
puisque c'est un problème lié à ton FAI, tu peux toujours aller voir ici:
http://www.infos-du-net.com/forum/forum-8.html
Supprime tous les programmes installés pour la désinfection.
~Edite ton premier message (en cliquant sur la gomme) et marque [résolu] dans le titre.
![:hello:]( ":hello:")
puisque c'est un problème lié à ton FAI, tu peux toujours aller voir ici:
http://www.infos-du-net.com/forum/forum-8.html
Supprime tous les programmes installés pour la désinfection.
~Edite ton premier message (en cliquant sur la gomme) et marque [résolu] dans le titre.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumAide pour rapport hijackthis.
- ForumVirus - aide rapport hijackthis
- ForumSpyware- aide rapport hijackthis
- ForumAide pour dechiffrer un rapport hijackthis
- ForumAide pour analyser un rapport hijackthis
- ForumAide rapport navilog1 et hijackthis
- ForumRapport hijackthis aide pour interpretation
- ForumHijackthis, aide pour lire le rapport
- ForumBesoin de lecture de rapport hijackthis
- ForumBesoin quon examine mon rapport hijackthis
- Voir plus
