
IPSEC+SVKP services could not start


Jedivador


Here are the 3 reports:

 

 

10/26/06 01:44:02 [info]: BlackLight Engine 1.0.47 initialized

10/26/06 01:44:02 [info]: OS: 5.1 build 2600 (Service Pack 2)

10/26/06 01:44:02 [Note]: 7019 4

10/26/06 01:44:02 [Note]: 7005 0

10/26/06 01:44:05 [Note]: 7006 0

10/26/06 01:44:05 [Note]: 7011 1664

10/26/06 01:44:05 [Note]: 7026 0

10/26/06 01:44:05 [Note]: 7026 0

10/26/06 01:44:19 [Note]: FSRAW library version 1.7.1020

10/26/06 01:51:20 [Note]: 2000 1012

10/26/06 01:53:27 [Note]: 7007 0

 

*****************************************************

---------------------------------------------------------

AVG Anti-Spyware - Rapport d'analyse

---------------------------------------------------------

 

+ Créé à: 00:54:08 26/10/2006

 

+ Résultat de l'analyse:

 

 

 

F:\DivX\DivX Pro Codec\Gain_Trickler.exe -> Adware.Gator : Ignoré.

C:\Documents and Settings\El Khattabi\Cookies\el khattabi@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el khattabi@adjuggler[1].txt -> TrackingCookie.Adjuggler : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][2].txt -> TrackingCookie.Adjuggler : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][1].txt -> TrackingCookie.Adocean : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][2].txt -> TrackingCookie.Bpath : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][2].txt -> TrackingCookie.Euroclick : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][1].txt -> TrackingCookie.Planetactive : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][1].txt -> TrackingCookie.Realcastmedia : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][2].txt -> TrackingCookie.Realcastmedia : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][1].txt -> TrackingCookie.Reliablestats : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el khattabi@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el khattabi@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el khattabi@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.

C:\Documents and Settings\El Khattabi\Cookies\el [email protected][2].txt -> TrackingCookie.Yieldmanager : Nettoyé.

 

 

Fin du rapport

 

**********************************************************

Logfile of HijackThis v1.99.1

Scan saved at 01:55:43, on 26/10/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

F:\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

C:\WINDOWS\system32\CTsvcCDA.exe

F:\Logitech\Easy Synchronization\servicestub.exe

F:\Logitech\Easy Synchronization\LogitechEasySync.exe

C:\PROGRA~1\PHILIP~1\VProperty.exe

F:\Logitech\SetPoint\LBTWiz.exe

F:\Logitech\Easy Synchronization\LogitechEasySync.exe

F:\Logitech\MediaLife\MediaLifeService.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Canon\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Fichiers communs\RbtProt\sgsrv.exe

F:\Zone Labs\ZoneAlarm\zlclient.exe

F:\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

F:\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

F:\Raxco\PerfectDisk\PDSched.exe

C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe

L:\TLCHAR~1\Magic\Magic.exe

C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE

F:\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\WINDOWS\System32\svchost.exe

L:\Téléchargement\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [Jet Detection] F:\Creative\SBLive\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent

O4 - HKLM\..\Run: [Easy Synchronization] F:\Logitech\Easy Synchronization\LogitechEasySync.exe

O4 - HKLM\..\Run: [MediaLifeService] "F:\Logitech\MediaLife\MediaLifeService.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\Canon\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [Zone Labs Client] "F:\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "F:\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\RunOnce: [Easy Synchronization] F:\Logitech\Easy Synchronization\LogitechEasySync.exe --ports

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [LDM] F:\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Free.magic

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,19/mcgdmgr.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: LBTWlgn - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: GhostStartService - Symantec Corporation - F:\Symantec\Norton Ghost 2003\GhostStartService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE

O23 - Service: Logitech Easy Synchronization - Unknown owner - F:\Logitech\Easy Synchronization\servicestub.exe

O23 - Service: PDEngine - Raxco Software, Inc. - F:\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - F:\Raxco\PerfectDisk\PDSched.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

O23 - Service: SoftGuard Service (SG_Service) - Unknown owner - C:\Program Files\Fichiers communs\RbtProt\sgsrv.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

Thanks in advance


Good evening Jedivador!

Huh, surprising, this problem with BlackLight, never seen it before?

AVG detected a file, we're going to delete it!

Then do this, please

Download SpySweeper - Download SpySweeper - SpySweeper help

- Click the "Free Trial" link on the far right to download it

- Install it and start it

- It will ask you to download the latest definitions; accept

- Then click the Options button on the left

- Click the Options tab

- Make sure the following options are checked:

o Windows Registry

o Memory Object

o Cookies

o System Restore Folder

o Further down:

o Sweep all users accounts

o Sweep for rootkits

-- Restart in safe mode; if you don't know how, read this

Click Start / Run

Copy/paste

Enter the path shown in red: F:\DivX\DivX Pro Codec\

The folder will open

Delete the file shown in bold, if present:

Gain_Trickler.exe (right-click / Delete)

- Start SpySweeper

- Click "Sweep Now" on the left

- Click the "Start" button

- When the scan is finished, click the "Next" button

- Make sure everything is checked and click the "Next" button

- Once all the found items have been removed

- Click "Session Log" at the top right and copy everything in the log.

- Close the windows and paste the whole log here, along with a HijackThis log

See you later.


Here it is:

 

00:35: Removal process completed. Elapsed time 00:00:27

00:35: Quarantining All Traces: xren_cj cookie

00:35: Quarantining All Traces: xiti cookie

00:35: Quarantining All Traces: seeq cookie

00:35: Quarantining All Traces: happyhippo cookie

00:35: Quarantining All Traces: sexsearch cookie

00:35: Quarantining All Traces: sympaticoca cookie

00:35: Quarantining All Traces: rn11 cookie

00:35: Quarantining All Traces: pub cookie

00:35: Quarantining All Traces: mircx cookie

00:35: Quarantining All Traces: ugo cookie

00:35: Quarantining All Traces: webtrends cookie

00:35: Quarantining All Traces: fe.lea.lycos.com cookie

00:35: Quarantining All Traces: touchclarity cookie

00:35: Quarantining All Traces: belnk cookie

00:35: Quarantining All Traces: dealtime cookie

00:35: Quarantining All Traces: columbiahouse cookie

00:35: Quarantining All Traces: bluestreak cookie

00:35: Quarantining All Traces: a cookie

00:35: Quarantining All Traces: hbmediapro cookie

00:35: Quarantining All Traces: websponsors cookie

00:35: Quarantining All Traces: trojan-backdoor-flyyu

00:35: Quarantining All Traces: koowo lyrics software

00:35: Removal process initiated

00:33: Traces Found: 42

00:33: Custom Sweep has completed. Elapsed time 00:48:26

00:33: File Sweep Complete, Elapsed Time: 00:47:08

00:23: Warning: Failed to access drive M:

00:22: Warning: Failed to access drive K:

00:22: Warning: Failed to access drive J:

00:22: Warning: Failed to access drive I:

00:22: Warning: Failed to access drive H:

00:06: Warning: Failed to access drive E:

00:06: Warning: Failed to access drive D:

23:46: Starting File Sweep

23:46: Warning: Failed to access drive A:

23:46: Cookie Sweep Complete, Elapsed Time: 00:00:00

23:46: el khattabi@xren_cj[1].txt (ID = 3723)

23:46: Found Spy Cookie: xren_cj cookie

23:46: el khattabi@xiti[1].txt (ID = 3717)

23:46: Found Spy Cookie: xiti cookie

23:46: el [email protected][1].txt (ID = 3332)

23:46: el [email protected][1].txt (ID = 3332)

23:46: Found Spy Cookie: seeq cookie

23:46: el [email protected][1].txt (ID = 2761)

23:46: Found Spy Cookie: happyhippo cookie

23:46: el [email protected][1].txt (ID = 3484)

23:46: el [email protected][1].txt (ID = 3358)

23:46: Found Spy Cookie: sexsearch cookie

23:46: el khattabi@sympatico[1].txt (ID = 3483)

23:46: Found Spy Cookie: sympaticoca cookie

23:46: el [email protected][2].txt (ID = 2506)

23:46: el khattabi@rn11[2].txt (ID = 3261)

23:46: Found Spy Cookie: rn11 cookie

23:46: el [email protected][1].txt (ID = 3566)

23:46: el khattabi@pub[2].txt (ID = 3205)

23:46: el khattabi@pub[1].txt (ID = 3205)

23:46: Found Spy Cookie: pub cookie

23:46: el [email protected][2].txt (ID = 2998)

23:46: Found Spy Cookie: mircx cookie

23:46: el [email protected][2].txt (ID = 3609)

23:46: Found Spy Cookie: ugo cookie

23:46: el [email protected][2].txt (ID = 3669)

23:46: Found Spy Cookie: webtrends cookie

23:46: el [email protected][3].txt (ID = 2660)

23:46: el [email protected][1].txt (ID = 2660)

23:46: Found Spy Cookie: fe.lea.lycos.com cookie

23:46: el [email protected][1].txt (ID = 3566)

23:46: Found Spy Cookie: touchclarity cookie

23:46: el [email protected][2].txt (ID = 2293)

23:46: Found Spy Cookie: belnk cookie

23:46: el khattabi@dealtime[1].txt (ID = 2505)

23:46: Found Spy Cookie: dealtime cookie

23:46: el khattabi@columbiahouse[1].txt (ID = 2443)

23:46: Found Spy Cookie: columbiahouse cookie

23:46: el khattabi@bluestreak[1].txt (ID = 2314)

23:46: Found Spy Cookie: bluestreak cookie

23:46: el khattabi@a[1].txt (ID = 2027)

23:46: Found Spy Cookie: a cookie

23:46: el [email protected][2].txt (ID = 2768)

23:46: Found Spy Cookie: hbmediapro cookie

23:46: el [email protected][1].txt (ID = 3665)

23:46: Found Spy Cookie: websponsors cookie

23:46: Starting Cookie Sweep

23:46: Registry Sweep Complete, Elapsed Time:00:00:17

23:45: HKU\S-1-5-21-1974565712-3207847200-2110211254-1006\software\microsoft\mediaplayer\player\extensions\.rm\ (ID = 1766382)

23:45: Found Trojan Horse: trojan-backdoor-flyyu

23:45: HKLM\software\classes\clsid\{e21be468-5c18-43eb-b0cc-db93a847d769}\ (ID = 1637841)

23:45: HKLM\software\classes\clsid\{941a4793-a705-4312-8dfc-c11ca05f397e}\ (ID = 1637826)

23:45: HKLM\software\classes\clsid\{765035b3-5944-4a94-806b-20ee3415f26f}\ (ID = 1637816)

23:45: HKLM\software\classes\clsid\{238d0f23-5dc9-45a6-9be2-666160c324dd}\ (ID = 1637806)

23:45: HKLM\software\classes\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{e21be468-5c18-43eb-b0cc-db93a847d769}\ (ID = 1637802)

23:45: HKLM\software\classes\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{941a4793-a705-4312-8dfc-c11ca05f397e}\ (ID = 1637790)

23:45: HKLM\software\classes\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{765035b3-5944-4a94-806b-20ee3415f26f}\ (ID = 1637782)

23:45: HKLM\software\classes\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{238d0f23-5dc9-45a6-9be2-666160c324dd}\ (ID = 1637774)

23:45: HKCR\clsid\{e21be468-5c18-43eb-b0cc-db93a847d769}\ (ID = 1637719)

23:45: HKCR\clsid\{941a4793-a705-4312-8dfc-c11ca05f397e}\ (ID = 1637704)

23:45: HKCR\clsid\{765035b3-5944-4a94-806b-20ee3415f26f}\ (ID = 1637694)

23:45: HKCR\clsid\{238d0f23-5dc9-45a6-9be2-666160c324dd}\ (ID = 1637684)

23:45: HKCR\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{e21be468-5c18-43eb-b0cc-db93a847d769}\ (ID = 1637680)

23:45: HKCR\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{941a4793-a705-4312-8dfc-c11ca05f397e}\ (ID = 1637668)

23:45: HKCR\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{238d0f23-5dc9-45a6-9be2-666160c324dd}\ (ID = 1637652)

23:45: Found Adware: koowo lyrics software

23:45: Starting Registry Sweep

23:45: Memory Sweep Complete, Elapsed Time: 00:00:50

23:44: Starting Memory Sweep

23:44: Warning: Files are not scanned for viruses because AV engine failed to load.

23:44: Sweep initiated using definitions version 789

23:44: Spy Sweeper 5.2.3.2120 started

23:44: | Start of Session, jeudi 26 octobre 2006 |

********

23:44: | End of Session, jeudi 26 octobre 2006 |

23:44: Program Version 5.2.3.2120 Using Spyware Definitions 789

23:44: Warning: Virus definitions files are invalid, please update your virus definitions. 220

23:30: Your spyware definitions have been updated.

Keylogger: Off

BHO Shield: On

IE Security Shield: On

Alternate Data Stream (ADS) Execution Shield: On

Startup Shield: On

Common Ad Sites: Off

Hosts File Shield: On

Internet Communication Shield: On

ActiveX Shield: On

Windows Messenger Service Shield: On

IE Favorites Shield: On

Spy Installation Shield: On

Memory Shield: On

IE Hijack Shield: On

IE Tracking Cookies Shield: Off

23:22: Shield States

23:22: Spyware Definitions: 783

23:22: Warning: Virus definitions files are invalid, please update your virus definitions. 220

23:22: Spy Sweeper 5.2.3.2120 started

23:22: Spy Sweeper 5.2.3.2120 started

23:22: | Start of Session, jeudi 26 octobre 2006 |

********

 

Logfile of HijackThis v1.99.1

Scan saved at 00:41:46, on 27/10/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

F:\Webroot\Spy Sweeper\SpySweeper.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

L:\Téléchargement\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll

O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe" /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /SYNC

O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE" /IMEName

O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [Jet Detection] F:\Creative\SBLive\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [CTStartup] "C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent

O4 - HKLM\..\Run: [Easy Synchronization] "F:\Logitech\Easy Synchronization\LogitechEasySync.exe"

O4 - HKLM\..\Run: [MediaLifeService] "F:\Logitech\MediaLife\MediaLifeService.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\Canon\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

O4 - HKLM\..\Run: [Zone Labs Client] "F:\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\RunOnce: [Easy Synchronization] "F:\Logitech\Easy Synchronization\LogitechEasySync.exe" --ports

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [LDM] "F:\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Free.magic

O4 - Global Startup: Logitech Desktop Messenger.lnk = F:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logitech SetPoint.lnk = F:\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,19/mcgdmgr.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: LBTWlgn - c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: GhostStartService - Symantec Corporation - F:\Symantec\Norton Ghost 2003\GhostStartService.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTSERV.EXE

O23 - Service: Logitech Easy Synchronization - Unknown owner - F:\Logitech\Easy Synchronization\servicestub.exe

O23 - Service: PDEngine - Raxco Software, Inc. - F:\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - F:\Raxco\PerfectDisk\PDSched.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe

O23 - Service: SoftGuard Service (SG_Service) - Unknown owner - C:\Program Files\Fichiers communs\RbtProt\sgsrv.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - F:\Webroot\Spy Sweeper\SpySweeper.exe

 

 

 

See you, and thanks


Hello Jedivador!

The solution you already have is good; I'll tell you what else to do at the end :P

Do this, please

An online scan here, and paste the report here

http://www.kaspersky.com/virusscanner

help tutorial here

http://www.malekal.com/scan_Av_en_ligne.html

See you later.

I'm going on vacation for a few days; if anyone comes by, they can take over.

Thanks.

Régis.
