katian
Hello,

I have just discovered this forum and I think I have a problem with spyware, because PC-cillin keeps alerting me about quarantines, so here is my log:

Thank you for your wonderful work!!!

Logfile of HijackThis v1.99.1
Scan saved at 20:44:47, on 24/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\TBPanel.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
D:\utils\Trend Micro Internet Security 14\pccguide.exe
D:\utils\PDF Printer\vspdfprsrv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\utils\Spamihilator\spamihilator.exe
D:\utils\SpeedFan\speedfan.exe
C:\Program Files\Portrait Displays\ImageTune\dtsslsrv.exe
D:\utils\Diskeeper\DkService.exe
C:\Program Files\Portrait Displays\ImageTune\DTSRVC.exe
D:\utils\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\UTILS\TRENDM~1\PCCTLCOM.EXE
C:\WINDOWS\system32\svchost.exe
D:\utils\TRENDM~1\Tmntsrv.exe
D:\UTILS\TRENDM~1\TMPROXY.EXE
C:\WINDOWS\system32\wdfmgr.exe
D:\UTILS\SC101 MANAGER UTILITY\ZETERASERVICE.EXE
D:\UTILS\TRENDM~1\TMPFW.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
D:\utils\Microsoft Office\OFFICE11\WINWORD.EXE
C:\DOCUME~1\laurent\LOCALS~1\Temp\48exmodul32d.4.exe
D:\Divers\Downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\utils\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - D:\utils\COPERN~1\COPERN~1.DLL
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\utils\ICQToolbar\toolbaru.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\utils\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\utils\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\utils\Free Download Manager\iefdmcks.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\utils\ICQToolbar\toolbaru.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - D:\utils\COPERN~1\COPERN~1.DLL
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [pccguide.exe] "D:\utils\Trend Micro Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DiskeeperSystray] "D:\utils\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [vspdfprsrv.exe] D:\utils\PDF Printer\vspdfprsrv.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "D:\utils\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [unlockerAssistant] "D:\utils\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [steam] "D:\jeux\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [spamihilator] "D:\utils\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [appcfg.exe] C:\WINDOWS\system32\appcfg.exe
O4 - HKCU\..\Run: [TorCP] D:\utils\Proxy pour Share\TorCP\torcp.exe
O4 - HKCU\..\Run: [HDDHealth] D:\utils\HDD Health\hddhealth.exe -wl
O4 - HKCU\..\Run: [superCopier2.exe] D:\utils\SuperCopier2\SuperCopier2.exe
O4 - Startup: SpeedFan.lnk = D:\utils\SpeedFan\speedfan.exe
O4 - Global Startup: ImageTune.lnk = C:\Program Files\Portrait Displays\ImageTune\dthtml.exe
O8 - Extra context menu item: &eBay Search - res://D:\utils\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\utils\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000
O8 - Extra context menu item: Chercher avec Copernic Agent - res://D:\utils\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\utils\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\utils\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\utils\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\utils\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\utils\Copernic Agent\CopernicAgent.exe
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\utils\Copernic Agent\CopernicAgent.exe
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - D:\utils\Copernic Agent\CopernicAgent.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\utils\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\utils\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\utils\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://toolbar.imageshack.us
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1132695870195
O17 - HKLM\System\CCS\Services\Tcpip\..\{0BEA6F73-FBA5-477B-A5F8-9607342E68E8}: NameServer = 192.168.50.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{0BEA6F73-FBA5-477B-A5F8-9607342E68E8}: NameServer = 192.168.50.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{0BEA6F73-FBA5-477B-A5F8-9607342E68E8}: NameServer = 192.168.50.254
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Asset Management Daemon - Unknown owner - C:\Program Files\Portrait Displays\ImageTune\dtsslsrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Network Proxy (ccProxy) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe (file missing)
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Diskeeper - Diskeeper Corporation - D:\utils\Diskeeper\DkService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Portrait Displays\ImageTune\DTSRVC.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\utils\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - D:\utils\TRENDM~1\PcCtlCom.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - D:\utils\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - D:\utils\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: SolidWorks SolidNetWork License Manager - Unknown owner - D:\temp\Help\SolidWorks 2005 SP0 crack (Ita-Eng-Fra)\Crack\lmgrd.exe (file missing)
O23 - Service: svchosts - Unknown owner - C:\WINDOWS\system32\svchosts.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - D:\utils\TRENDM~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - D:\utils\TRENDM~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - D:\utils\TRENDM~1\tmproxy.exe
O23 - Service: WinHosts - Unknown owner - C:\WINDOWS\system32\WinHosts.exe (file missing)
O23 - Service: Zetera - Zetera Corporation - D:\utils\SC101 Manager Utility\ZeteraService.exe