Aller au contenu

leke

Membres
  • Compteur de contenus

    14
  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    français, anglais

leke's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Rapport Hijack This: Logfile of HijackThis v1.99.1 Scan saved at 23:22:03, on 16/11/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\taskbaricon.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\PROGRA~1\WANADOO\EspaceWanadoo.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Watch.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O8 - Extra context menu item: Validate XML - C:\WINDOWS\web\msxmlval.htm O8 - Extra context menu item: View XSL Output - C:\WINDOWS\web\msxmlvw.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=www.google.fr O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BCE34D70-8E85-4D88-A10A-7376918BFCFA}: NameServer = 80.10.246.1 80.10.246.132 O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - Unknown owner - C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - Unknown owner - C:\WINDOWS\System32\vmnetdhcp.exe (file missing) O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe O23 - Service: VMware NAT Service - Unknown owner - C:\WINDOWS\system32\vmnat.exe (file missing) O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing) **************************************************************************************** **************************************************************************************** Rapport scan d'AVG Anti spyware 7.5: + Créé à: 21:38:36 16/11/2006 + Résultat de l'analyse: C:\Program Files\Everest Poker\cstart-tmp.exe -> Adware.Casino : Nettoyé. C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP164\A0019498.exe -> Adware.Casino : Nettoyé. C:\Program Files\HijackThis\backups\backup-20060322-192017-446.dll -> Dialer.EgroupDial.v : Nettoyé. C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP164\A0019499.dll -> Dialer.EgroupDial.v : Nettoyé. C:\Program Files\HijackThis\backups\backup-20060322-192017-470.dll -> Dialer.InstantAccess.e : Nettoyé. C:\Program Files\HijackThis\backups\backup-20060322-192018-255.dll -> Dialer.InstantAccess.r : Nettoyé. C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP164\A0019500.dll -> Dialer.InstantAccess.r : Nettoyé. C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP164\A0019496.exe -> Heuristic.Win32.Backdoor.IrcBot : Nettoyé. C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP164\A0019497.exe -> Heuristic.Win32.Backdoor.IrcBot : Nettoyé. C:\Documents and Settings\leke\Cookies\leke@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\leke\Cookies\leke@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\leke\Cookies\leke@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\leke\Cookies\leke@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Planetactive : Nettoyé. C:\Documents and Settings\leke\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\leke\Cookies\leke@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\leke\Cookies\leke@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé. C:\Documents and Settings\leke\Cookies\leke@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. C:\Program Files\HijackThis\backups\backup-20060322-192017-954.dll -> Trojan.Dialer.pc : Nettoyé. Fin du rapport *************************************************************************************** *************************************************************************************** Scan en ligne KASPERSKY ON-LINE SCANNER REPORT Thursday, November 16, 2006 11:19:14 PM Système d'exploitation : Microsoft Windows XP Professional, (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 16/11/2006 Enregistrements dans la base antivirus Kaspersky : 228747 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail A:\ C:\ D:\ E:\ F:\ G:\ H:\ Statistiques de l'analyse Total d'objets analysés 57876 Nombre de virus trouvés 3 Nombre d'objets infectés 3 / 0 Nombre d'objets suspects 2 Durée de l'analyse 01:11:44 Nom de l'objet infecté Nom du virus Dernière action C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\Temp\vmware-serverd-SYSTEM-376.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\Debug\oakley.log L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\leke\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Temp\~DF664C.tmp L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Temp\~DF6B1B.tmp L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Temp\~DF794E.tmp L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Historique\History.IE5\MSHist012006111620061117\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\leke\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\leke\Bureau\Nouveau Document Microsoft Word (2).doc L'objet est verrouillé ignoré C:\Documents and Settings\leke\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\leke\Application Data\Microsoft\Modèles\Normal.dot L'objet est verrouillé ignoré C:\Documents and Settings\leke\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Program Files\Trend Micro\PC-cillin 9\QUARANTINE\B.tmp Infecté : Trojan-Downloader.Win32.Agent.acd ignoré C:\Program Files\Trend Micro\PC-cillin 9\QUARANTINE\C.tmp Infecté : Trojan-Downloader.Win32.Agent.acd ignoré C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP165\A0020317.dll Infecté : Trojan.Win32.Dialer.pc ignoré C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP165\change.log L'objet est verrouillé ignoré E:\informatique\Nouveau dossier\Installations\PATCH_DREAMWEAVER_MX6VF.ZIP/Patch_Dreamweaver MX6vf.exe Suspect : Password-protected-EXE ignoré E:\informatique\Nouveau dossier\Installations\PATCH_DREAMWEAVER_MX6VF.ZIP ZIP: suspect - 1 ignoré Analyse terminée.
  2. Mon système était pas mal infecté. J'ai supprimé un certain nombre de malware et spyware par l'intermédiaire de ewido ad-ware et pccillin et je ne sais pas ce qu'il me reste à virer. Pouvez-vous me dire ce qu'il en est. Merci Voici le dernier scan de HijackThis : Logfile of HijackThis v1.99.1 Scan saved at 18:53:27, on 16/11/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\taskbaricon.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe C:\PROGRA~1\WANADOO\EspaceWanadoo.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Watch.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netcourrier.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O8 - Extra context menu item: Validate XML - C:\WINDOWS\web\msxmlval.htm O8 - Extra context menu item: View XSL Output - C:\WINDOWS\web\msxmlvw.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=www.google.fr O17 - HKLM\System\CCS\Services\Tcpip\..\{BCE34D70-8E85-4D88-A10A-7376918BFCFA}: NameServer = 80.10.246.130 80.10.246.3 O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\System32\wdfmgr.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - Unknown owner - C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - Unknown owner - C:\WINDOWS\System32\vmnetdhcp.exe (file missing) O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe O23 - Service: VMware NAT Service - Unknown owner - C:\WINDOWS\system32\vmnat.exe (file missing) O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
  3. Ca y est, c'est fait! Je l'ai pas laissé terminer car il commençait à scanner mes autres partitions mais je sais exactement ce qu'il y a dedans. Voilà le rapport du scan sur la partition systeme: Incident Statut Analyse Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe Adware:adware/navipromo No Désinfecté C:\WINDOWS\system32\zainhymg_navps.dat Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\leke\Bureau\SmitfraudFix.zip[Process.exe] Outil indésirable:Application/Processor No Désinfecté C:\Documents and Settings\leke\Bureau\SmitfraudFix\Process.exe Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\leke\Cookies\[email protected][1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\leke\Cookies\leke@xiti[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\leke\Cookies\leke@xiti[3].txt Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\leke\Cookies\leke@adultfriendfinder[1].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\leke\Cookies\[email protected][2].txt Spyware:Cookie/Belnk No Désinfecté C:\Documents and Settings\leke\Cookies\[email protected][2].txt Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\leke\Cookies\[email protected][1].txt Spyware:Cookie/Belnk No Désinfecté C:\Documents and Settings\leke\Cookies\[email protected][3].txt Spyware:Cookie/Belnk No Désinfecté C:\Documents and Settings\leke\Cookies\leke@belnk[1].txt Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\leke\Cookies\leke@adultfriendfinder[3].txt Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\leke\Cookies\leke@adultfriendfinder[2].txt Spyware:Cookie/360i No Désinfecté C:\Documents and Settings\leke\Cookies\[email protected][1].txt Spyware:Cookie/Spyfalcon No Désinfecté C:\Documents and Settings\leke\Cookies\[email protected][2].txt Spyware:Cookie/WebPower No Désinfecté C:\Documents and Settings\leke\Cookies\leke@webpower[1].txt Spyware:Cookie/WinFixer No Désinfecté C:\Documents and Settings\leke\Cookies\leke@winfixer[1].txt Spyware:Cookie/ErrorSafe No Désinfecté C:\Documents and Settings\leke\Cookies\leke@errorsafe[1].txt Spyware:Cookie/Ccbill No Désinfecté C:\Documents and Settings\leke\Cookies\leke@ccbill[2].txt Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt[] Dialer:Dialer.DNZ No Désinfecté C:\Program Files\HijackThis\backups\backup-20060322-192017-446.dll Dialer:Dialer.GTN No Désinfecté C:\Program Files\HijackThis\backups\backup-20060322-192018-255.dll
  4. C'était trop beau! T'es consciencieux jusqu'au bout. Je fais ça tout de suite.
  5. Je vais manger et boire un pti verre de vin rouge à ta santé! Passe une TRES BONNE SOIREE
  6. Et non, rien de rien!!! C'est super! Je te remercie beaucoup, tu m'enlève une belle épine du pied
  7. Ok, c'est fait. Ca m'a l'air de bien se présenter dis moi?! Le rapport: SmitFraudFix v2.25 Rapport fait à 21:14:26,81 le 22/03/2006 Executé à partir de C:\Documents and Settings\leke\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\ginuerep.dll supprimé C:\WINDOWS\system32\1024\ supprimé C:\Documents and Settings\leke\Favoris\Antivirus Test Online.url supprimé »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
  8. Ouai c'est cool, ça a l'air d'avancer à grands pas! J'ai plus Instant Access dans la barre de démarrage, IE n'ouvre plus de pages concernant spy falcon (il a l'air d'avoir disparu). La seule chose qu'il reste c'est un icone Windows "Virus Alert" dans la barre de tache qui me signale par info-bulle que mon pc est infecté. Je fais le scan par SmitfraudFix et te transmets le rapport tout de suite... SmitFraudFix v2.25 Rapport fait à 21:08:07,82 le 22/03/2006 Executé à partir de C:\Documents and Settings\leke\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\ »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32 C:\WINDOWS\system32\ginuerep.dll PRESENT ! C:\WINDOWS\system32\1024\ PRESENT! »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\leke\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» Recherche Favoris C:\Documents and Settings\leke\Favoris\Antivirus Test Online.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau »»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" [HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" [HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\System32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}"="Prestige Software" [HKEY_CLASSES_ROOT\CLSID\{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}\InProcServer32] @="C:\WINDOWS\System32\ginuerep.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}\InProcServer32] @="C:\WINDOWS\System32\ginuerep.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
  9. Ca y est, j'ai terminé. Le scan de ewido a pris du temps. Voici son rapport: --------------------------------------------------------- ewido anti-malware - Rapport de scan --------------------------------------------------------- + Créé le: 20:42:40, 22/03/2006 + Somme de contrôle: 3BE0394A + Résultats du scan: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta\{4da4616d-7e6e-4fd9-a2d5-b6c535733e22} -> Adware.Generic : Nettoyer et sauvegarder C:\WINDOWS\system32\msclock32.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\WINDOWS\system32\msplock32.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@advertising[1].txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@com[2].txt -> TrackingCookie.Com : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@yadro[2].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Clubdicecasino : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@yadro[3].txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][3].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][1].txt -> TrackingCookie.Grandonline : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Grandonline : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@grandonline[2].txt -> TrackingCookie.Grandonline : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@ivwbox[3].txt -> TrackingCookie.Ivwbox : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@com[3].txt -> TrackingCookie.Com : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Newyorkcasino : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@goldenpalace[3].txt -> TrackingCookie.Goldenpalace : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@grandonline[3].txt -> TrackingCookie.Grandonline : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][2].txt -> TrackingCookie.Wegcash : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][1].txt -> TrackingCookie.Wegcash : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\leke@burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder C:\Documents and Settings\leke\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.10:C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\cookies.txt -> TrackingCookie.Ru4 : Nettoyer et sauvegarder :mozilla.11:C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\cookies.txt -> TrackingCookie.Ru4 : Nettoyer et sauvegarder :mozilla.12:C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\cookies.txt -> TrackingCookie.Ru4 : Nettoyer et sauvegarder :mozilla.13:C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.14:C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.15:C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder :mozilla.6:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder :mozilla.7:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder :mozilla.8:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.9:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.10:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.11:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder :mozilla.18:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder :mozilla.20:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Overture : Nettoyer et sauvegarder :mozilla.26:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.27:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder :mozilla.38:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder :mozilla.51:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder :mozilla.52:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder :mozilla.55:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.56:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder :mozilla.66:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.67:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.68:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.69:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.70:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.71:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyer et sauvegarder :mozilla.72:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Hitslink : Nettoyer et sauvegarder :mozilla.73:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Hitslink : Nettoyer et sauvegarder :mozilla.74:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Hitslink : Nettoyer et sauvegarder :mozilla.75:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Hitslink : Nettoyer et sauvegarder :mozilla.76:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.77:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.78:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder :mozilla.97:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.98:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.99:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.100:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder :mozilla.101:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Comclick : Nettoyer et sauvegarder :mozilla.103:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Centrport : Nettoyer et sauvegarder :mozilla.104:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Centrport : Nettoyer et sauvegarder :mozilla.105:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder :mozilla.124:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyer et sauvegarder :mozilla.138:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Paycounter : Nettoyer et sauvegarder :mozilla.140:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyer et sauvegarder :mozilla.145:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.146:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder :mozilla.149:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyer et sauvegarder :mozilla.165:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.166:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.167:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.168:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyer et sauvegarder :mozilla.190:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyer et sauvegarder :mozilla.193:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder :mozilla.203:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyer et sauvegarder :mozilla.215:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder :mozilla.216:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder :mozilla.217:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.71i : Nettoyer et sauvegarder :mozilla.222:C:\Documents and Settings\leke\Application Data\Mozilla\Firefox\Profiles\00fptb9r.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder C:\Program Files\SpyFalcon -> Adware.SpyFalcon : Nettoyer et sauvegarder C:\Program Files\SpyFalcon\SpyFalcon.exe -> Adware.SpyFalcon : Nettoyer et sauvegarder C:\Program Files\SpyFalcon\sf.ini -> Adware.SpyFalcon : Nettoyer et sauvegarder C:\Program Files\SpyFalcon\ignored.lst -> Adware.SpyFalcon : Nettoyer et sauvegarder C:\Program Files\HijackThis\backups\backup-20060322-192017-954.dll -> Trojan.Dialer.pc : Nettoyer et sauvegarder C:\Program Files\HijackThis\backups\backup-20060322-192017-470.dll -> Dialer.InstantAccess.e : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0000110.dll -> Dialer.InstantAccess.m : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0000622.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0000681.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0000696.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0001697.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0001809.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0001834.dll -> Adware.NaviPromo : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0001860.dll -> Trojan.Dialer.pc : Nettoyer et sauvegarder C:\System Volume Information\_restore{7EB6730A-8BF0-49F3-AB65-5EEFC0C94183}\RP1\A0001861.dll -> Dialer.InstantAccess.e : Nettoyer et sauvegarder C:\Recycled\Dc1.exe -> Downloader.Zlob : Nettoyer et sauvegarder ::Fin du rapport ##################################################################### Ensuite, le rapport de HijackThis : Logfile of HijackThis v1.99.1 Scan saved at 20:45:01, on 22/03/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\taskbaricon.exe C:\WINDOWS\System32\GSICON.EXE C:\WINDOWS\System32\dslagent.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe C:\WINDOWS\System32\vmnetdhcp.exe C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe C:\WINDOWS\system32\vmnat.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://wer-mit-wem.webhop.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Validate XML - C:\WINDOWS\web\msxmlval.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: View XSL Output - C:\WINDOWS\web\msxmlvw.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=www.google.fr O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe O23 - Service: VMware Authorization Service (VMAuthdService) - Unknown owner - C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\System32\vmnetdhcp.exe O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe O23 - Service: VMware NAT Service - Unknown owner - C:\WINDOWS\system32\vmnat.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
  10. Je crois que j'ai lancer HijackThis en mode sans échec, je recommence: Logfile of HijackThis v1.99.1 Scan saved at 18:52:40, on 22/03/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe C:\WINDOWS\System32\vmnetdhcp.exe C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe C:\WINDOWS\system32\vmnat.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\taskbaricon.exe C:\WINDOWS\System32\GSICON.EXE C:\WINDOWS\System32\dslagent.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe C:\PROGRA~1\WANADOO\EspaceWanadoo.exe C:\PROGRA~1\WANADOO\ComComp.exe C:\PROGRA~1\WANADOO\Watch.exe C:\Program Files\Microsoft Office\Office\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\msiexec.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://wer-mit-wem.webhop.net/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netcourrier.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) O2 - BHO: Nothing - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - C:\WINDOWS\System32\hp371.tmp (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [instant Access] rundll32.exe EGACCESS4_1060.dll,InstantAccess O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Validate XML - C:\WINDOWS\web\msxmlval.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: View XSL Output - C:\WINDOWS\web\msxmlvw.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=www.google.fr O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1058_XP.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1059_XP.cab O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - http://scripts.downloadv3.com/binaries/EGD...ESS_1074_XP.cab O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1060_XP.cab O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGD...ESS_1073_XP.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BCE34D70-8E85-4D88-A10A-7376918BFCFA}: NameServer = 80.10.246.1 80.10.246.132 O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe O23 - Service: VMware Authorization Service (VMAuthdService) - Unknown owner - C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\System32\vmnetdhcp.exe O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe O23 - Service: VMware NAT Service - Unknown owner - C:\WINDOWS\system32\vmnat.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
  11. Je manque de réflexes!! En tout cas, j'ai fait ce que tu m'as dit. J'ai éxécuté de nouveau HijackThis. Le rapport: Logfile of HijackThis v1.99.1 Scan saved at 18:38:41, on 22/03/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://wer-mit-wem.webhop.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) O2 - BHO: Nothing - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - C:\WINDOWS\System32\hp371.tmp (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [zainhymg] c:\windows\system32\zainhymg.exe zainhymg O4 - HKCU\..\Run: [instant Access] rundll32.exe EGACCESS4_1060.dll,InstantAccess O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Validate XML - C:\WINDOWS\web\msxmlval.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: View XSL Output - C:\WINDOWS\web\msxmlvw.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=www.google.fr O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1058_XP.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1059_XP.cab O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - http://scripts.downloadv3.com/binaries/EGD...ESS_1074_XP.cab O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1060_XP.cab O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGD...ESS_1073_XP.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe O23 - Service: VMware Authorization Service (VMAuthdService) - Unknown owner - C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\System32\vmnetdhcp.exe O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe O23 - Service: VMware NAT Service - Unknown owner - C:\WINDOWS\system32\vmnat.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
  12. Bonjour, je suis nouveau venu et j'ai eu des petits soucis en rapport à Spy Falcon. J'ai fait ce que vous avez recommandé dans le forum: install de Antivir, scan, install de HijackThis et scan. Ci dessous le rapport de HijackThis. Pouvez-vous l'analysez? Merci Logfile of HijackThis v1.99.1 Scan saved at 18:02:21, on 22/03/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe C:\WINDOWS\System32\vmnetdhcp.exe C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe C:\WINDOWS\system32\vmnat.exe C:\PROGRA~1\WANADOO\CnxMon.exe C:\PROGRA~1\WANADOO\taskbaricon.exe C:\WINDOWS\System32\GSICON.EXE C:\WINDOWS\System32\dslagent.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://wer-mit-wem.webhop.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\leke\Application Data\Mozilla\Profiles\default\2722pqcp.slt\prefs.js) O2 - BHO: Nothing - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - C:\WINDOWS\System32\hp371.tmp (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\WANADOO\CnxMon.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe" O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe" O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [instant Access] rundll32.exe EGACCESS4_1060.dll,InstantAccess O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Validate XML - C:\WINDOWS\web\msxmlval.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: View XSL Output - C:\WINDOWS\web\msxmlvw.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=www.google.fr O16 - DPF: {2A3DFC59-8A87-49A1-85D1-42903410911F} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1058_XP.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1059_XP.cab O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/...svc32_FR_XP.cab O16 - DPF: {8D8BAF56-B581-4B90-A549-C4AC6B03F1BB} - http://scripts.downloadv3.com/binaries/EGD...ESS_1074_XP.cab O16 - DPF: {AF7410C1-FBA3-415E-800A-4110CED40536} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1060_XP.cab O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGD...ESS_1073_XP.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 9\Tmntsrv.exe O23 - Service: VMware Authorization Service (VMAuthdService) - Unknown owner - C:\Program Files\VMware\VMware GSX Server\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\System32\vmnetdhcp.exe O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware GSX Server\vmserverdWin32.exe O23 - Service: VMware NAT Service - Unknown owner - C:\WINDOWS\system32\vmnat.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
×
×
  • Créer...