hijckthis rapport

[sgraham]

salut tous ,

 

je vs laisse les rapports de hijackthis et avas av

 

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 10:52:33, on 31/07/06

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MDM.EXE

c:\windows\SYSTEM\KB891711\KB891711.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE

C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\SCHEDM.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\TRIDTRAY.EXE

C:\MOUSE\SYSTEM\EM_EXEC.EXE

C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\MMKEYBD.EXE

C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE

C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE

C:\WINDOWS\SYSTEM\LVCOMS.EXE

C:\WINDOWS\SYSTEM\HNEOUBAKSC.EXE

C:\PROGRAM FILES\NETROPA\MULTIMEDIA KEYBOARD\MMUSBKB2.EXE

C:\INTEL\PSNCU INTEL\CPUNUMBER.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\TAPISRV.EXE

C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL

O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\PROGRAM FILES\RXTOOLBAR\SFCONT.DLL (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [TridTray] c:\windows\SYSTEM\tridtray.exe

O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.exe

O4 - HKLM\..\Run: [Multimedia Keyboard] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [Onscreen Display] C:\Program Files\Netropa\Onscreen Display\OSD.exe

O4 - HKLM\..\Run: [OEMCleanup] C:\WINDOWS\OPTIONS\OEMRESET.EXE

O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe

O4 - HKLM\..\Run: [1stImpression] C:\PROGRAM FILES\1STIMPRESSION-2.5.0\1ST.EXE /CHANGE

O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup

O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE

O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE

O4 - HKLM\..\Run: [autoclk] autoclk.exe

O4 - HKLM\..\Run: [adiras] adiras.exe

O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A

O4 - HKLM\..\Run: [LVComs] c:\windows\SYSTEM\LVComS.exe

O4 - HKLM\..\Run: [barre d'état système] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [hneoubaksc] c:\windows\system\hneoubaksc.exe

O4 - HKLM\..\Run: [avgctrl] "C:\Program Files\AntiVir PersonalEdition Classic\avgctrl.exe" /min

O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE

O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE

O4 - HKLM\..\RunServices: [schedm] "C:\Program Files\AntiVir PersonalEdition Classic\schedm.exe"

O4 - HKCU\..\Run: [intelProcNumUtility] "C:\Intel\PSNCU Intel\CPUNumber.exe" /nosplash

O4 - HKCU\..\Run: [AWMON] "C:\MES DOCUMENTS\AD-MONITOR.EXE"

O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL

O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll

O12 - Plugin for .swf: C:\Program Files\Netscape\Communicator\Program\PLUGINS\NPSWF32.DLL

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (IPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...n9x/AvSniff.cab

O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\PROGRAM FILES\RXTOOLBAR\SFCONT.DLL

 

 

 

 

AntiVir PersonalEdition Classic

Report file date: lundi 31 juillet 2006 10:06

 

Scanning for 466817 virus strains and unwanted programs.

 

Licensed to: AntiVir PersonalEdition Classic

Serial number: 0000149996-WURGE-0001

Platform: Windows 98

Windows version: ( A ) [4.10.2222]

Username: Stevens Thibault

Computer name: OEMCOMPUTER

 

Version informations:

AVSCAN.EXE : 7.0.0.42 376872 31/07/06 06:44:18

AVSCAN.DLL : 7.0.0.42 53288 31/07/06 06:44:18

LUKE.DLL : 7.0.0.42 110632 31/07/06 06:44:18

LUKERES.DLL : 7.0.0.42 25640 31/07/06 06:44:19

ANTIVIR0.VDF : 6.35.0.1 7371264 31/07/06 06:44:18

ANTIVIR1.VDF : 6.35.0.168 730112 31/07/06 06:44:18

ANTIVIR2.VDF : 6.35.1.15 295936 31/07/06 06:44:18

ANTIVIR3.VDF : 6.35.1.22 14336 31/07/06 06:44:18

AVEWIN32.DLL : 7.1.1.0 1556992 31/07/06 06:53:16

AVPREF.DLL : 7.0.0.1 33832 31/07/06 06:44:18

AVREP.DLL : 6.35.1.1 503848 31/07/06 06:44:18

AVRPBASE.DLL : 7.0.0.0 1544232 31/07/06 06:44:18

AVPACK32.DLL : 7.1.0.1 331816 31/07/06 06:44:18

AVREG.DLL : 6.31.0.90 25128 31/07/06 06:44:18

NETNW.DLL : 6.32.0.0 9768 31/07/06 06:44:19

RCIMAGE.DLL : 7.0.0.71 1642536 31/07/06 06:44:19

RCTEXT.DLL : 7.0.0.75 77864 31/07/06 06:44:19

 

Configuration settings for the scan:

Jobname: '%s'.................: Local Drives

Configuration file............: C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\alldrives.avp

Boot sectors..................: C,D,A

Scan memory...................: 1

Process scan..................: 1

Scan all files................: 1

Scan archives.................: 1

Recursion depth...............: 20

Smart extensions..............: 1

Macro heuristic...............: 1

File heuristic................: -1

Primary action................: 1

Secondary action..............: 0

 

Start of the scan: lundi 31 juillet 2006 10:06

 

 

The scan over running processes will be started

6 Processes was scanned

 

Start scanning boot sectors:

 

Boot sector 'C:\'

[NOTE] No virus was found!

Boot sector 'D:\'

[NOTE] No virus was found!

Boot sector 'A:\'

[NOTE] In the drive 'A:\' no data medium is inserted!

 

Starting to scan the registry.

The registry was scanned ( 29 files ).

 

 

Starting the file scan:

 

C:\WINDOWS\WIN386.SWP

[WARNING] The file could not be opened!

 

The path A:\ could not be found!

Le périphérique n'est pas prêt.

 

 

 

End of the scan: lundi 31 juillet 2006 10:38

Used time: 31:50 min

 

The scan has been done completely.

 

2642 Scanning directories

198945 Files were scanned

0 viruses and/or unwanted programs was found

0 files were deleted

0 files were repaired

0 files were moved to quarantine

0 files were renamed

3154 Archives were scanned

1 Notes

 

 

 

 

merci

[regis56]

Bonsoir sgraham !

 

Il y a trés peu d'outils pour désinfecter windows 98 tu peux quand même essayer ces deux là !

 

http://telechargement.zebulon.fr/79-spybot...destroy-14.html

et

http://telechargement.zebulon.fr/36-ad-awa...dition-106.html

 

ensuite refais un scan hijackthis pour vérifier.

 

Bon courage.