

krikri58
Everything posted by krikri58
-
Hello! I'm using Internet Explorer 7, and the Flash Player version is 9, the latest one (besides, YouTube gives me the link to the Adobe site). As for the last question, about scripts and "embedded objects", I have no idea. Where should I look?
-
Hello! My problem is that I can no longer play videos on the YouTube site. Instead, a message is displayed: "Hello, you have disabled JavaScript or you have an old version of Adobe Flash Player. Download the latest version of Flash Player." I downloaded that version from the Adobe site, but the result is the same. I have no idea how to fix this annoying problem, as I'm used to going on YouTube. I also removed all the earlier versions of Java and installed the latest version (6 update 7). Thanks in advance for your help.
-
Hello, I would like to know how to find out what is causing this: every time I scroll through pages, there are lines and it is jerky. I know it doesn't come from the screen because I tried on 2 different screens and the result is identical.
-
[SOLVED] HijackThis report
krikri58 replied to a topic by krikri58 in Malware analysis and eradication
Thanks for everything
-
[SOLVED] HijackThis report
krikri58 replied to a topic by krikri58 in Malware analysis and eradication
I also wanted to know whether it is because of the infected PC that the screen scrolls strangely, with lines and in a jerky way. I know it doesn't come from the screen because I tried on 2 different screens and the result is identical. PS: by the way, THANKS for your speed, Apollo 01
-
[SOLVED] HijackThis report
krikri58 replied to a topic by krikri58 in Malware analysis and eradication
Here is the HijackThis report
-
[SOLVED] HijackThis report
krikri58 replied to a topic by krikri58 in Malware analysis and eradication
Here are the 2 reports.
-
[SOLVED] HijackThis report
krikri58 replied to a topic by krikri58 in Malware analysis and eradication
Here are the 3 reports
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{228C4964-C9F9-4581-819E-4C15EB34662F}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{D7E96D8B-180B-4825-B5CA-B4160C0C39E8}: DhcpNameServer=86.64.145.141 84.103.237.141 HKLM\SYSTEM\CS1\Services\Tcpip\..\{228C4964-C9F9-4581-819E-4C15EB34662F}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{D7E96D8B-180B-4825-B5CA-B4160C0C39E8}: DhcpNameServer=86.64.145.141 84.103.237.141 HKLM\SYSTEM\CS2\Services\Tcpip\..\{228C4964-C9F9-4581-819E-4C15EB34662F}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{D7E96D8B-180B-4825-B5CA-B4160C0C39E8}: DhcpNameServer=86.64.145.141 84.103.237.141 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:42:54, on 22.07.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\FTRTSVC.exe C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\Philips\SPC220NC\Monitor.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 
C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Philips\Philips SPC220NC Webcam\TrayMin220.exe C:\Documents and Settings\Isabelle\Bureau\HijackThis.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - 
Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\Philips\SPC220NC\Monitor.exe O4 - HKLM\..\Run: [ugescw] "C:\PROGRA~1\ERREUR~1\ugescw.exe" -start O4 - HKLM\..\Run: [salestart] "C:\Program Files\Fichiers communs\ErreurChasseur\strpmon.exe" dm=http://erreurchasseur.com; ad=http://erreurchasseur.com O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 
-reboot 1 O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [sixth Dent] C:\DOCUME~1\Isabelle\APPLIC~1\THISBI~1\WebRemote.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: TrayMin220.lnk = ? 
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab O16 - DPF: 
{5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1124099845656 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NBService - 
Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe -- End of file - 11782 bytes -
[RESOLVED] HijackThis report
krikri58 replied to a topic by krikri58 in Analyses et éradication malwares
I don't see Avast in Add or Remove Programs, that's strange. Here are the 2 reports:
--------------------\\ Lop S&D 4.2.2-2 XP/Vista [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : Isabelle ] [ "C:\Lop SD" ] [ Selection : 1 ] [ 22.07.2008 | 11:11:26.32 ] [ PC : CHIEFTEC ] [ MAJ : 20-07-2008 | 12:15 ] --------------------\\ Listing des dossiers dans Application Data [13.06.2007|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [21.07.2008|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [09.11.2007|22:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\axis wait the bone [18.12.2004|17:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [18.12.2004|16:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini [01.06.2007|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios [04.11.2007|16:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\erreurchasseur [20.01.2007|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google [19.05.2008|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft [27.08.2005|10:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [27.06.2006|12:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log [04.06.2008|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt [04.03.2008|19:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [20.04.2007|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [12.03.2005|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [23.12.2006|19:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage [13.01.2007|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Philips Intelligent Agent [04.11.2007|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SalesMonitor [12.09.2007|20:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [10.02.2006|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [08.04.2008|10:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [11.09.2005|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [24.12.2006|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
Companion [18.12.2004|16:37] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini [02.12.2007|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [27.02.2008|20:51] C:\DOCUME~1\Isabelle\APPLIC~1\Adobe [02.07.2006|15:05] C:\DOCUME~1\Isabelle\APPLIC~1\AdobeUM [13.01.2007|15:57] C:\DOCUME~1\Isabelle\APPLIC~1\Ahead [22.12.2007|18:38] C:\DOCUME~1\Isabelle\APPLIC~1\ArcSoft [19.05.2008|21:18] C:\DOCUME~1\Isabelle\APPLIC~1\Azureus [25.02.2005|20:44] C:\DOCUME~1\Isabelle\APPLIC~1\CyberLink [18.12.2004|16:37] C:\DOCUME~1\Isabelle\APPLIC~1\desktop.ini [08.09.2007|15:19] C:\DOCUME~1\Isabelle\APPLIC~1\DriveCleaner Free [04.11.2007|16:32] C:\DOCUME~1\Isabelle\APPLIC~1\erreurchasseur [21.04.2008|19:32] C:\DOCUME~1\Isabelle\APPLIC~1\GDIPFONTCACHEV1.DAT [28.05.2006|21:26] C:\DOCUME~1\Isabelle\APPLIC~1\GdiplusUpgrade_MSIApproach_Wrapper.log [29.10.2006|12:47] C:\DOCUME~1\Isabelle\APPLIC~1\Google [04.03.2005|20:09] C:\DOCUME~1\Isabelle\APPLIC~1\Help [26.10.2006|14:37] C:\DOCUME~1\Isabelle\APPLIC~1\HP [22.02.2005|08:13] C:\DOCUME~1\Isabelle\APPLIC~1\Identities [26.12.2007|16:36] C:\DOCUME~1\Isabelle\APPLIC~1\Image Zone Express [22.12.2007|18:18] C:\DOCUME~1\Isabelle\APPLIC~1\InstallShield [04.06.2008|17:00] C:\DOCUME~1\Isabelle\APPLIC~1\Leadertech [12.07.2008|12:07] C:\DOCUME~1\Isabelle\APPLIC~1\LimeWire [04.03.2005|20:11] C:\DOCUME~1\Isabelle\APPLIC~1\Macromedia [23.04.2008|14:00] C:\DOCUME~1\Isabelle\APPLIC~1\Microsoft [03.04.2007|20:19] C:\DOCUME~1\Isabelle\APPLIC~1\MSN6 [25.12.2005|16:41] C:\DOCUME~1\Isabelle\APPLIC~1\Musicmatch [13.01.2007|15:45] C:\DOCUME~1\Isabelle\APPLIC~1\NeroDCTemplates [26.12.2007|16:28] C:\DOCUME~1\Isabelle\APPLIC~1\Printer Info Cache [10.11.2007|20:48] C:\DOCUME~1\Isabelle\APPLIC~1\Samsung [23.04.2006|23:35] C:\DOCUME~1\Isabelle\APPLIC~1\Sun [04.03.2005|06:09] C:\DOCUME~1\Isabelle\APPLIC~1\Symantec [21.07.2008|14:17] C:\DOCUME~1\Isabelle\APPLIC~1\this bird mags [09.06.2007|18:45] C:\DOCUME~1\Isabelle\APPLIC~1\vlc [24.05.2006|22:02] C:\DOCUME~1\Isabelle\APPLIC~1\Vso 
[10.01.2008|21:46] C:\DOCUME~1\Isabelle\APPLIC~1\WinRAR [16.07.2007|14:07] C:\DOCUME~1\ISABEL~1\APPLIC~1\Adobe [09.02.2006|20:39] C:\DOCUME~1\ISABEL~1\APPLIC~1\AdobeUM [17.06.2006|09:12] C:\DOCUME~1\ISABEL~1\APPLIC~1\Ahead [18.12.2004|16:37] C:\DOCUME~1\ISABEL~1\APPLIC~1\desktop.ini [20.01.2007|17:35] C:\DOCUME~1\ISABEL~1\APPLIC~1\Google [11.08.2006|12:25] C:\DOCUME~1\ISABEL~1\APPLIC~1\HP [14.01.2006|21:40] C:\DOCUME~1\ISABEL~1\APPLIC~1\Identities [11.08.2006|12:27] C:\DOCUME~1\ISABEL~1\APPLIC~1\Image Zone Express [14.01.2006|21:44] C:\DOCUME~1\ISABEL~1\APPLIC~1\Macromedia [14.08.2006|21:45] C:\DOCUME~1\ISABEL~1\APPLIC~1\Magic Match [05.03.2008|22:19] C:\DOCUME~1\ISABEL~1\APPLIC~1\Microsoft [04.02.2008|22:34] C:\DOCUME~1\ISABEL~1\APPLIC~1\Skype [05.03.2008|22:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [05.03.2008|22:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [06.02.2006|21:13] C:\DOCUME~1\NETWOR~1\APPLIC~1\Symantec --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [21.07.2008 18:14][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job [22.07.2008 10:27][--ah-----] C:\WINDOWS\tasks\SA.DAT [28.09.2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [13.06.2007|22:54] C:\Program Files\Adobe [10.02.2006|19:30] C:\Program Files\Alwil Software [18.12.2004|17:42] C:\Program Files\Analog Devices [04.03.2008|19:32] C:\Program Files\Anuman Interactive [22.12.2007|18:22] C:\Program Files\ArcSoft [21.07.2008|21:00] C:\Program Files\Avira [05.03.2008|22:26] C:\Program Files\AxBx [24.12.2006|17:07] C:\Program Files\Azureus [01.01.2007|14:12] C:\Program Files\Azureus1 [27.02.2008|21:03] C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor [18.12.2004|17:59] C:\Program Files\CyberLink [26.04.2008|10:57] C:\Program Files\EasyPHP 2.0b1 [26.04.2008|10:52] C:\Program Files\EasyPHP1-8 [12.07.2008|18:21] C:\Program Files\eMule [12.07.2008|18:21] C:\Program Files\eMule2 [12.07.2008|18:40] 
C:\Program Files\ffdshow [02.03.2008|22:13] C:\Program Files\Fichiers communs [28.01.2007|09:54] C:\Program Files\Google [27.06.2006|11:52] C:\Program Files\Hewlett-Packard [27.06.2006|11:53] C:\Program Files\HP [20.07.2008|16:36] C:\Program Files\InstallShield Installation Information [18.06.2008|21:14] C:\Program Files\Internet Explorer [08.08.2007|17:04] C:\Program Files\Java [12.07.2008|12:02] C:\Program Files\LimeWire [22.12.2007|18:12] C:\Program Files\Logitech [18.12.2004|17:43] C:\Program Files\Marvell [24.09.2005|17:07] C:\Program Files\Messenger [29.10.2007|18:03] C:\Program Files\MessengerPlus! 3 [18.12.2004|16:47] C:\Program Files\microsoft frontpage [21.04.2008|19:03] C:\Program Files\Microsoft Office [21.09.2005|19:47] C:\Program Files\Movie Maker [21.04.2008|19:02] C:\Program Files\MSECache [18.12.2004|16:44] C:\Program Files\MSN [11.04.2005|14:15] C:\Program Files\MSN Apps [08.08.2007|17:06] C:\Program Files\MSN Games [18.12.2004|16:44] C:\Program Files\MSN Gaming Zone [12.07.2008|18:06] C:\Program Files\MSN Messenger [24.04.2007|13:14] C:\Program Files\MSN Spy 2004 [25.12.2005|16:42] C:\Program Files\Musicmatch [20.05.2006|18:29] C:\Program Files\Nero [13.01.2007|14:50] C:\Program Files\nero express [21.09.2005|19:42] C:\Program Files\NetMeeting [28.02.2008|20:49] C:\Program Files\Neuf [12.06.2007|23:40] C:\Program Files\Outlook Express [22.12.2007|18:21] C:\Program Files\Philips [13.01.2007|16:50] C:\Program Files\Philips Intelligent Agent [15.05.2006|20:56] C:\Program Files\Real Clone DVD [20.07.2008|16:36] C:\Program Files\SAGEM [10.11.2007|20:33] C:\Program Files\Samsung [23.04.2008|14:20] C:\Program Files\Script Edit [20.07.2008|15:41] C:\Program Files\Securitoo [18.12.2004|16:46] C:\Program Files\Services en ligne [27.01.2006|16:26] C:\Program Files\Skype [12.09.2007|20:54] C:\Program Files\Spybot - Search & Destroy [08.04.2008|10:26] C:\Program Files\Spyware Doctor [10.02.2006|19:29] C:\Program Files\Symantec [16.12.2005|19:37] C:\Program 
Files\Ubisoft [18.12.2004|17:07] C:\Program Files\Uninstall Information [09.06.2007|13:50] C:\Program Files\VideoLAN [22.07.2008|11:04] C:\Program Files\Wanadoo [04.03.2008|19:38] C:\Program Files\Winamp [11.08.2007|15:27] C:\Program Files\Windows Live [21.07.2008|20:08] C:\Program Files\Windows Media Connect 2 [21.07.2008|20:08] C:\Program Files\Windows Media Player [21.09.2005|19:42] C:\Program Files\Windows NT [15.08.2005|12:00] C:\Program Files\WindowsUpdate [10.01.2008|21:42] C:\Program Files\WinRAR [18.12.2004|16:47] C:\Program Files\xerox [24.12.2006|16:41] C:\Program Files\Yahoo! --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [03.09.2007|18:24] C:\Program Files\Fichiers communs\Adobe [13.01.2007|14:53] C:\Program Files\Fichiers communs\Ahead [18.12.2004|18:07] C:\Program Files\Fichiers communs\Designer [20.05.2008|20:49] C:\Program Files\Fichiers communs\ErreurChasseur [27.08.2005|10:51] C:\Program Files\Fichiers communs\Hewlett-Packard [17.12.2007|20:55] C:\Program Files\Fichiers communs\HP [18.12.2004|17:43] C:\Program Files\Fichiers communs\InstallShield [23.04.2006|23:32] C:\Program Files\Fichiers communs\Java [13.01.2007|15:21] C:\Program Files\Fichiers communs\LightScribe [02.03.2008|22:35] C:\Program Files\Fichiers communs\Logitech [21.04.2008|19:03] C:\Program Files\Fichiers communs\Microsoft Shared [18.12.2004|16:45] C:\Program Files\Fichiers communs\MSSoap [18.12.2004|16:37] C:\Program Files\Fichiers communs\ODBC [25.12.2005|16:43] C:\Program Files\Fichiers communs\PhilipsMM [18.12.2004|16:45] C:\Program Files\Fichiers communs\Services [18.12.2004|16:37] C:\Program Files\Fichiers communs\SpeechEngines [10.02.2006|19:29] C:\Program Files\Fichiers communs\Symantec Shared [12.06.2007|23:40] C:\Program Files\Fichiers communs\System --------------------\\ Process ( 48 Processus ) iexplore.exe ~ [2844] --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! 
--------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\axis wait the bone C:\DOCUME~1\Isabelle\Cookies\isabelle@advertising[1].txt --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "the bone download 1"="C:\\Documents and Settings\\All Users\\Application Data\\axis wait the bone\\flaw live.exe" --------------------\\ Verification du fichier Hosts Fichier Hosts MODIFIE -> 72 [ 70 ## added by CiD ] /!\ 1 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-22 11:12:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 297

--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\DOCUME~1\ALLUSE~1\Bureau\Q-DANCE RADIO HARD STREAM 128K MP3\incomplete\(1)Asys - Acid Head Cracker [303 Inferno Mix].mp3
[F:279][D:16]-> C:\DOCUME~1\Isabelle\LOCALS~1\Temp
[F:53][D:0]-> C:\DOCUME~1\Isabelle\Cookies
[F:568][D:5]-> C:\DOCUME~1\Isabelle\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 11:13:30.76

SmitFraudFix v2.331
Rapport fait à 12:45:47.45, 22.07.2008
Executé à partir de C:\Documents and Settings\Isabelle\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\Philips\SPC220NC\Monitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC220NC Webcam\TrayMin220.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Isabelle\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Isabelle
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Isabelle\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Isabelle\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~2\\GOEC62~1.DLL"
"LoadAppInit_DLLs"=dword:00000001

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Rustock

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{228C4964-C9F9-4581-819E-4C15EB34662F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D7E96D8B-180B-4825-B5CA-B4160C0C39E8}: DhcpNameServer=86.64.145.141 84.103.237.141
HKLM\SYSTEM\CS1\Services\Tcpip\..\{228C4964-C9F9-4581-819E-4C15EB34662F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D7E96D8B-180B-4825-B5CA-B4160C0C39E8}: DhcpNameServer=86.64.145.141 84.103.237.141
HKLM\SYSTEM\CS2\Services\Tcpip\..\{228C4964-C9F9-4581-819E-4C15EB34662F}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D7E96D8B-180B-4825-B5CA-B4160C0C39E8}: DhcpNameServer=86.64.145.141 84.103.237.141
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
-
Hello. I have a problem with a PC: it is slow and freezes, even though I removed the viruses, and the problem still persists. I followed the procedure. Here is the HijackThis report. THANKS IN ADVANCE

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:58:59, on 21.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\Philips\SPC220NC\Monitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC220NC Webcam\TrayMin220.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Isabelle\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [the bone download 1] C:\Documents and Settings\All Users\Application Data\axis wait the bone\flaw live.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\Philips\SPC220NC\Monitor.exe
O4 - HKLM\..\Run: [ugescw] "C:\PROGRA~1\ERREUR~1\ugescw.exe" -start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [salestart] "C:\Program Files\Fichiers communs\ErreurChasseur\strpmon.exe" dm=http://erreurchasseur.com; ad=http://erreurchasseur.com
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [sixth Dent] C:\DOCUME~1\Isabelle\APPLIC~1\THISBI~1\WebRemote.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TrayMin220.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1124099845656
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 12486 bytes