Aller au contenu

bgman1

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    3

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    français

bgman1's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. bgman1
    bonjour et encore merci a toi!! rapport sdfx SDFix: Version 1.79 Run by beranger - 27/04/2007 - 16:39:06,98 Microsoft Windows XP [version 5.1.2600] Running From: C:\zebulon\sdfx\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Below files will be copied to Backups folder then removed: C:\DOCUME~1\beranger\LOCALS~1\Temp\autorun.inf - Deleted Removing Temp Files ADS Check: Checking if ADS is attached to system32 Folder C:\WINDOWS\system32 No streams found. Checking if ADS is attached to svchost.exe C:\WINDOWS\system32\svchost.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" "C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe"="C:\\Program Files\\Acer\\Acer eConsole\\eConsole.exe:LocalSubNet:Enabled:eConsole" "C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe"="C:\\Program Files\\Acer\\Acer eConsole\\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" "C:\\Program Files\\Acer TV-FM\\PowerCinema.exe"="C:\\Program Files\\Acer TV-FM\\PowerCinema.exe:*:Enabled:CyberLink PowerCinema" "C:\\Program Files\\Acer TV-FM\\PCMService.exe"="C:\\Program Files\\Acer TV-FM\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\logicielbg\\musique\\iTunes.exe"="C:\\logicielbg\\musique\\iTunes.exe:*:Enabled:iTunes" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\Conference\\Conference.dll"="C:\\Program Files\\Conference\\Conference.dll:*:Enabled:Audio/Video Conference by KIOSK Team" "C:\\Program Files\\WINSOS\\winsos.exe"="C:\\Program Files\\Winsos\\winsos.exe:*:Enabled:Winsos" "C:\\Program Files\\WINSOS\\anti-spy.exe"="C:\\Program Files\\Winsos\\anti-spy.exe:*:Enabled:anti-spy Winsos" "C:\\Program Files\\WINSOS\\help.exe"="C:\\Program Files\\Winsos\\help.exe:*:Enabled:Winsos Help" "C:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe"="C:\\Program Files\\Maïdo Production\\IziSpot 4\\IziSpot.exe:*:Enabled:IziSpot" "C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\72exinjs.a6.exe"="C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\72exinjs.a6.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\34exinjs.a6.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\34exinjs.a6.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\95exinjs.a6.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\95exinjs.a6.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\90exinjs.a6.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\90exinjs.a6.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\35exinjs.a6.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\35exinjs.a6.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\12exinjs.a6.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\12exinjs.a6.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\86exinjs.a6.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\86exinjs.a6.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\48exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\48exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\44exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\44exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\19exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\19exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\76exinjs.a7.exe"="C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\76exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\2exinjs.a7.exe"="C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\2exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\14exinjs.a7.exe"="C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\14exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\33exinjs.a7.exe"="C:\\DOCUME~1\\seve\\LOCALS~1\\Temp\\33exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\90exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\90exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\47exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\47exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\97exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\97exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\12exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\12exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\79exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\79exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\66exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\66exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\69exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\69exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\7exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\7exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\56exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\56exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\73exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\73exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\77exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\77exinjs.a7.exe:*:Enabled:Microsoft Update" "C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\60exinjs.a7.exe"="C:\\DOCUME~1\\beranger\\LOCALS~1\\Temp\\60exinjs.a7.exe:*:Enabled:Microsoft Update" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" Remaining Files: --------------- Backups Folder: - C:\zebulon\sdfx\SDFix\backups\backups.zip Checking For Files with Hidden Attributes: C:\WINDOWS\system32\NTIBUN4.dll C:\WINDOWS\system32\NTICDMK7.dll C:\WINDOWS\system32\NTIFCD3.dll C:\WINDOWS\system32\NTIMP3.dll C:\WINDOWS\system32\NTIMPEG2.dll C:\WINDOWS\AcerDRV\InsD1211.exe C:\WINDOWS\AcerDRV\InsD1215.exe C:\WINDOWS\AcerDRV\rescan.exe C:\WINDOWS\system32\InsD1211.exe C:\WINDOWS\system32\InsD1215.exe C:\WINDOWS\system32\KCMDNIns.exe C:\WINDOWS\system32\Kill1211.exe C:\WINDOWS\system32\reboot.exe C:\WINDOWS\system32\RemD1211.exe C:\WINDOWS\system32\RemD1215.exe C:\WINDOWS\system32\rescan.exe C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp Finished rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 16:50:11, on 27/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe D:\jeux\pirate\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\telechargement\anti spyware\hitman\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\QuickTime\qttask.exe C:\logicielbg\musique\iTunesHelper.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\iPod\bin\iPodService.exe C:\zebulon\avg\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.DLL R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\TELECH~1\ANTISP~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\telechargement\meta moteur\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB001" /M "Stylus C66" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\logicielbg\musique\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &NeoTrace It! - D:\TÉLÉCH~1\traceur\NEOTRA~1\NTXcontext.htm O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\telechargement\meta moteur\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\TELECH~1\ANTISP~1\hitman\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - D:\TÉLÉCH~1\traceur\NEOTRA~1\NTXtoolbar.htm (HKCU) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypixmania.com/importer/MypixUploader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\zebulon\avg\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\telechargement\anti spyware\hitman\Spyware Doctor\sdhelp.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\jeux\pirate\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\telechargement\anti spyware\hitman\Webroot\Spy Sweeper\WRSSSDK.exe et enfin celui d'avg --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 16:35:55 27/04/2007 + Résultat de l'analyse: C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044286.exe -> Proxy.Horst.pu : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044275.exe -> Proxy.Horst.sv : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044277.exe -> Proxy.Horst.sv : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044280.exe -> Proxy.Horst.sv : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044281.exe -> Proxy.Horst.sv : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044283.exe -> Proxy.Horst.sv : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046536.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046537.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046539.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046540.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046542.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046544.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046545.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046547.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046548.exe -> Proxy.Horst.ya : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP203\A0046549.exe -> Proxy.Horst.ya : Nettoyé. :mozilla.34:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.17:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.18:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.50:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.51:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.52:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.143:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Live : Nettoyé. :mozilla.144:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Live : Nettoyé. :mozilla.145:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Live : Nettoyé. :mozilla.150:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé. :mozilla.208:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.179:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.180:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.181:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\beranger\Cookies\beranger@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.91:C:\Documents and Settings\seve\Application Data\Mozilla\Firefox\Profiles\sf074xyb.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044273.exe -> Worm.Medbod : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044274.exe -> Worm.Medbod : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044276.exe -> Worm.Medbod : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044279.exe -> Worm.Medbod : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044282.exe -> Worm.Medbod : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044284.exe -> Worm.Medbod : Nettoyé. C:\System Volume Information\_restore{27929864-1714-4615-A18A-05D85FEEEFEA}\RP197\A0044287.exe -> Worm.Medbod : Nettoyé. Fin du rapport voici un peu de lecture pour toi car j'y pyge pas grand chose pourtant j'aimerai bien (dit moi tu sais pas comment enlever le virus de mon corps car je crois que l'ordi ma donner la gastro du genre trojan surement , etre malade en meme temps que l'ordi ca me fait dire n'importe quoi désoler ) a tout de suite !!!!
  2. bgman1
    bonjour a toi et merci de ton aide !! voila le rapport Logfile of HijackThis v1.99.1 Scan saved at 13:19:46, on 26/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe D:\jeux\pirate\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\telechargement\anti spyware\hitman\Webroot\Spy Sweeper\WRSSSDK.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\QuickTime\qttask.exe C:\logicielbg\musique\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Logitech\QuickCam10\LU\LULnchr.exe C:\Program Files\Logitech\QuickCam10\LU\LogitechUpdate.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.DLL R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\TELECH~1\ANTISP~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\telechargement\meta moteur\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB001" /M "Stylus C66" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\logicielbg\musique\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\telechargement\meta moteur\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\TELECH~1\ANTISP~1\hitman\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypixmania.com/importer/MypixUploader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\telechargement\anti spyware\hitman\Spyware Doctor\sdhelp.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\jeux\pirate\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\telechargement\anti spyware\hitman\Webroot\Spy Sweeper\WRSSSDK.exe la fin me semblai pas normal car il n'y a pas écrit mais j'ai vérifier il est entier merci
  3. bgman1
    bonsoir a tous !! ca fait une semaine que j'en peu plus avast s'enerve dans tout les sens a cause d'un trojan nommé win32:horst-HV ou Hw ou encore plein d'autre h.. j'ai meme entendu des son de click alors que j'ai pas toucher a la souris et ma connexion rame grave sinon tout va bien a part que je deviens parano. depuis que j'ai fait le pré netoyage j'ai plus d'alerte alors si quelqu'un pouvait jetter un oeil sur mon rapport ca serai vraiment sympa de votre part merci d'avance a tous !!! Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 23:18:47, on 25/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\savedump.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\System32\FTRTSVC.exe c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe D:\jeux\pirate\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\[app ita & multilinguage]Alcohol 120% v1.9.6.4719 serial activator freddy\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\telechargement\anti spyware\hitman\Webroot\Spy Sweeper\WRSSSDK.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\QuickTime\qttask.exe C:\logicielbg\musique\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\system32\wuauclt.exe C:\Hijackthis V2\HiJackThis_v2.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.DLL R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\TELECH~1\ANTISP~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\telechargement\meta moteur\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0 O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB001" /M "Stylus C66" O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\logicielbg\musique\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\GestMaj.exe GestionnaireInternet.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\telechargement\meta moteur\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\TELECH~1\ANTISP~1\hitman\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\TELECH~1\METAMO~1\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypixmania.com/importer/MypixUploader.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\telechargement\anti spyware\hitman\Spyware Doctor\sdhelp.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - C:\WINDOWS\ O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\telechargement\anti spyware\hitman\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 12746 bytes
×
×
  • Créer...