Aller au contenu

seden2

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    2

  • Inscription

  • Dernière visite

seden2's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. seden2
    Apres avoir suivi les instructions : Fixwareout ver 1.003 Last edited 2/15/2006 Post this report in the forums please Reg Entries that were deleted HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\xedocne HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\gib_ogol HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwoh HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\llun HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\puorgdopd HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\23plhps HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\mgcppp HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\tesvaf HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\32refaselif HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\putesprpgd ... Microsoft ® Windows Script Host Version 5.6 Random Runs removed from HKLM REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "dmgyl.exe"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] ... PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE. »»»»» Search by size and names... Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\LOCATE.COM Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\XFIND.COM »»»»» Misc files Impossible d'ex‚cuter C:\FIXWAREOUT\FINDT\XFIND.COM »»»»» Checking for older varients covered by the Rem3 tool Logfile of HijackThis v1.99.1 Scan saved at 17:34:46, on 23/02/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Outils Systeme\Eset\nod32krn.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\PROGRA~1\Messager Wanadoo\Demon.exe C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\Winamp\winampa.exe C:\Outils Systeme\Eset\nod32kui.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\AlertModule\AlertModule.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\swmfd.dll/sp.html#10001%resultposition.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\swmfd.dll/sp.html#10001%resultposition.net R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\swmfd.dll/sp.html#10001%resultposition.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Class - {484E6A8F-D990-0E41-B833-E180E3149E44} - C:\WINDOWS\system32\atlnj.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Class - {A49D52A9-DE08-47DE-6764-86D278A7683C} - C:\WINDOWS\system32\sysgb.dll (file missing) O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: Class - {CF22795E-F0CD-B9F1-BAF6-79B05A0373A3} - C:\WINDOWS\ntaa.dll (file missing) O2 - BHO: Class - {FBD6353C-D46D-064E-0DB4-A986D34AD0CE} - C:\WINDOWS\ntfb32.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: (no name) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - (no file) O4 - HKLM\..\Run: [Demon] C:\PROGRA~1\Messager Wanadoo\Demon.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [KAZAA] C:\Program Files\Kazaa\kazaa.exe /SYSTRAY O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [ntcy32.exe] C:\WINDOWS\ntcy32.exe O4 - HKLM\..\Run: [2239.tmp] C:\DOCUME~1\Administrateur\Local Settings\Temp\2239.tmp.exe O4 - HKLM\..\Run: [2239.tmp.exe] C:\DOCUME~1\Administrateur\Local Settings\Temp\2239.tmp.exe O4 - HKLM\..\Run: [DCB.tmp] C:\DOCUME~1\Administrateur\Local Settings\Temp\DCB.tmp.exe O4 - HKLM\..\Run: [DCB.tmp.exe] C:\DOCUME~1\Administrateur\Local Settings\Temp\DCB.tmp.exe O4 - HKLM\..\Run: [E12.tmp] C:\DOCUME~1\Administrateur\Local Settings\Temp\E12.tmp.exe O4 - HKLM\..\Run: [E12.tmp.exe] C:\DOCUME~1\Administrateur\Local Settings\Temp\E12.tmp.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [DCC_send] _ctcp.exe O4 - HKLM\..\Run: [WTFCTF] DCC_send.exe O4 - HKLM\..\Run: [nod32kui] "C:\Outils Systeme\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [wormexe] ERTYDF.exe O4 - HKCU\..\Run: [bogobot] BoundRec.exe O4 - HKCU\..\Run: [br0ken] InpriseMon.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0A5A71B2-600F-44DE-AEA0-82CFB5CCA393}: NameServer = 85.255.116.87,85.255.112.236 O17 - HKLM\System\CCS\Services\Tcpip\..\{0B7AC058-3071-47E7-B605-1A3307C7706E}: NameServer = 85.255.116.87,85.255.112.236 O17 - HKLM\System\CCS\Services\Tcpip\..\{6F7763A2-605B-4C8B-B61D-B258EFA6DDC9}: NameServer = 80.10.246.1 80.10.246.132 O17 - HKLM\System\CCS\Services\Tcpip\..\{F3898909-3887-4166-BD79-A8251C0B159F}: NameServer = 85.255.116.87,85.255.112.236 O17 - HKLM\System\CS2\Services\Tcpip\..\{0A5A71B2-600F-44DE-AEA0-82CFB5CCA393}: NameServer = 85.255.116.87,85.255.112.236 O17 - HKLM\System\CS3\Services\Tcpip\..\{0A5A71B2-600F-44DE-AEA0-82CFB5CCA393}: NameServer = 85.255.116.87,85.255.112.236 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing) O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\msrw32.exe (file missing) O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Outils Systeme\Eset\nod32krn.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
  2. seden2
    En fait il y a de multiples trucs bizarres, l'ouverture de fenetre windows etranges ( pour des erreurs inexistentes et contenant des petits commentaires naze ), le curseur qui se deplace seul sur l'ecran.
×
×
  • Créer...