dark eagle

Membres

Afficher le profil Afficher son activité

Compteur de contenus
1
Inscription
le 2 mai 2006
Dernière visite
le 3 mai 2006

Autres informations

Mes langues
francais

dark eagle's Achievements

Junior Member (3/12)

Réputation sur la communauté

eradiquer les malware

dark eagle a posté un sujet dans Analyses et éradication malwares

Logfile of HijackThis v1.99.1 Scan saved at 15:17:18, on 02/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe C:\program Files\nero\InCD\InCDsrv.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe C:\PowerCinema\Kernel\TV\CLCapSvc.exe D:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe D:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe D:\Program Files\CA\eTrust Antivirus\InoRpc.exe D:\Program Files\CA\eTrust Antivirus\InoRT.exe D:\Program Files\CA\eTrust Antivirus\InoTask.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\HPZipm12.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\Explorer.EXE C:\PowerCinema\Kernel\TV\CLSched.exe C:\PowerDVD\PDVDServ.exe C:\PowerCinema\PCMService.exe D:\WINDOWS\System32\svchost.exe C:\program Files\hp\HP Software Update\HPWuSchd2.exe D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe D:\WINDOWS\Dit.exe D:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe D:\WINDOWS\system32\P2P Networking\P2P Networking.exe D:\Program Files\HbTools\Bin\4.7.2.1\HbtOEAddOn.exe D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe D:\WINDOWS\system32\rundll32.exe C:\win patrol\winpatrol.exe D:\Program Files\MSI\Bluetooth Software\BTTray.exe D:\Program Files\MessengerPlus! 3\MsgPlus.exe D:\Program Files\QuickTime\qttask.exe D:\program files\fichiers communs\system\mplay64.exe D:\PROGRA~1\CA\ETRUST~1\realmon.exe D:\WINDOWS\SOUNDMAN.EXE D:\WINDOWS\system32\ctfmon.exe C:\program Files\hp\Digital Imaging\bin\hpqtra08.exe C:\program Files\hp\Digital Imaging\bin\hpqgalry.exe D:\WINDOWS\system32\wuauclt.exe D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE D:\WINDOWS\system32\wscntfy.exe C:\antivir\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://resultsmaster.com/SmartOffers/Servi...omeLeftPane.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: ticont.MyBHO - {2520BA45-3D97-4864-82FF-F47F951727BA} - D:\WINDOWS\system32\ticont.dll O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - D:\PROGRA~1\INSTAF~1\INSTAF~1.DLL (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\SEARCH~1\SPYBOT~1\SDHelper.dll O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - D:\WINDOWS\system32\sfg_2f9a.dll O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - D:\PROGRA~1\RXTOOL~1\sfcont.dll (file missing) O2 - BHO: HbTools - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - D:\Program Files\HbTools\Bin\4.7.2.1\HbtHostIE.dll O2 - BHO: tisa.MyBHO - {9B053E00-78D3-47AE-B763-60FF36FF2886} - D:\WINDOWS\system32\tisa.dll O4 - HKLM\..\Run: [RemoteControl] C:\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [PCMService] "C:\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [HP Software Update] "C:\program Files\hp\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [siSUSBRG] D:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [mmtask] "D:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" O4 - HKLM\..\Run: [P2P Networking] D:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [PCShield] regsvr32 /s "D:\WINDOWS\system32\sfg_2f9a.dll" O4 - HKLM\..\Run: [HbTools] D:\Program Files\HbTools\Bin\4.7.2.1\HbtOEAddOn.exe O4 - HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [WinPatrol] C:\win patrol\winpatrol.exe O4 - HKLM\..\Run: [iST Service] D:\Program Files\ISTsvc\istsvc.exe O4 - HKLM\..\Run: [surfAccuracy] D:\Program Files\SurfAccuracy\SAcc.exe O4 - HKLM\..\Run: [internet Optimizer] "D:\Program Files\Internet Optimizer\optimize.exe" O4 - HKLM\..\Run: [bluetooth Tray Application] D:\Program Files\MSI\Bluetooth Software\BTTray.exe O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MPlay64] d:\program files\fichiers communs\system\mplay64.exe /noerrorinfo O4 - HKLM\..\Run: [AntivirusRegistration] D:\Program Files\CA\Etrust Antivirus\Register.exe O4 - HKLM\..\Run: [Realtime Monitor] D:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PCShield] regsvr32 /s "D:\WINDOWS\system32\sfg_2f9a.dll" O4 - HKCU\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [NBJ] "C:\program Files\nero\Nero BackItUp\NBJ.exe" O4 - Startup: MyWebSearch Email Plugin.lnk = D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\program Files\hp\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\program Files\hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: MyWebSearch Email Plugin.lnk = D:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxdm414YYFR O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Send To &Bluetooth - D:\Program Files\MSI\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\MSI\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\MSI\Bluetooth Software\btsendto_ie.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1134759922328 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} (Internet Optimizer) - http://xbs.climaxbucks.com/mt/dialers/fc/UniDist.CAB O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/sites/wi...rInstallFRA.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - D:\PROGRA~1\RXTOOL~1\sfcont.dll O20 - AppInit_DLLs: pushow96.dll O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - D:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - D:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\program Files\nero\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - D:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - D:\Program Files\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - D:\Program Files\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - D:\Program Files\CA\eTrust Antivirus\InoTask.exe O23 - Service: InstallShield Licensing Service - Macrovision - D:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe O23 - Service: iPodService - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - D:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
- le 2 mai 2006
- 1 réponse

Connexion

dark eagle

Compteur de contenus

Inscription

Dernière visite

Autres informations

dark eagle's Achievements

Junior Member (3/12)

Réputation sur la communauté

eradiquer les malware

Zebulon

Outils en ligne

Naviguer