Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

firefox lent...

kormick1

Par kormick1
dans Analyses et éradication malwares

 Partager

Messages recommandés

eclypse Extrem Member

eclypse

Posté(e)
Posté(e)

Salut,

 

Désolé du retard mais j'ai pas mal de boulot en ce moment bon je te file la démarche pour adaware/comet

 

 

1°) Démarrer => executer => regedit

2°) Rends toi sur cette clef : HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run

3°) Si tu trouves "DM_Server" tu l'effaces

4°) Rends toi sur cette clef : HKEY_LOCAL_MACHINE \ SOFTWARE \ Comet Systems

5°) Fais Démarrer => executer => cmd puis tapes le texte ci dessous

 

cd C:\Program Files\Comet\Bin\

regsvr32 /u csbho.dll

regsvr32 /u comutil.dll

regsvr32 /u csapputil.dll

regsvr32 /u csband.dll

regsvr32 /u csbrange.dll

regsvr32 /u cscore.dll

regsvr32 /u csctx.dll

regsvr32 /u cseng.dll

regsvr32 /u csietb.dll

regsvr32 /u csinst.dll

 

6°) Redemarre ton PC

7°) Tu peux effacer c:\Program Files\Comet Systems ou c:\Program Files\Comet

kormick1 Power Member

kormick1

Posté(e)
  • Auteur
Posté(e)

SALUT pas grave pour le retard, j'avais juste peur que mon post soit perdu dans les fin fonds du forum...

résultats:

 

je n'ai pas de DM_Server

je n'ai pas de Comet Systems dans SOFTWARE..?!

 

Je fais qd meme la 5ème démarche?

 

merci, à plus

 

SALUT pas grave pour le retard, j'avais juste peur que mon post soit perdu dans les fin fonds du forum...

résultats:

 

je n'ai pas de DM_Server

je n'ai pas de Comet Systems dans SOFTWARE..?!

 

Je fais qd meme la 5ème démarche?

 

merci, à plus

eclypse Extrem Member

eclypse

Posté(e)
Posté(e)

Salut

 

1°) Télécharge RegSeeker

2°) Une fois lancé met le en francais en cliquant sur languages en haut

3°) Choisis Nettoyer le registre

4°) Télécharge FxIstbar

5°) Une fois l'application lancée clique sur start un rapport sera sur ton bureau post le

 

Amicalement Eclypse

kormick1 Power Member

kormick1

Posté(e)
  • Auteur
Posté(e)

Symantec Adware.Istbar / Trojan.ISTsvc Removal Tool 1.1.0

 

 

C:\Documents and Settings\Jean-Marc\Mes documents\Mes images\Art: (not scanned)

C:\Documents and Settings\Lidia: (not scanned)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\bammt_kat@hotmail.com\DFSR\Staging\CS{DE9EC157-86F0-1984-DC22-FB02C15F3908}1\28-{DE9EC157-86F0-1984-DC22-FB02C15F3908}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v28-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\beaty_angel15@hotmail.com\DFSR\Staging\CS{01200121-C465-F6A8-BE64-9D296844A070}1\15-{01200121-C465-F6A8-BE64-9D296844A070}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v15-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\catou_1990@hotmail.com\DFSR\Staging\CS{C7E74DCD-B70F-4E10-E131-23B240CD19E5}1\22-{C7E74DCD-B70F-4E10-E131-23B240CD19E5}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v22-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\christinaki6@hotmail.com\DFSR\Staging\CS{1202E4D2-B5CB-C2E3-0E65-7921974AA026}1\18-{1202E4D2-B5CB-C2E3-0E65-7921974AA026}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v18-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\christinaki6@hotmail.com\DFSR\Staging\CS{1202E4D2-B5CB-C2E3-0E65-7921974AA026}\20\19-{F7F00979-6ACC-42BE-9E54-CB5F8522C64B}-v20-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v19-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\christinaki6@hotmail.com\DFSR\Staging\CS{1202E4D2-B5CB-C2E3-0E65-7921974AA026}\24\21-{F7F00979-6ACC-42BE-9E54-CB5F8522C64B}-v24-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v21-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\dafne_alves@hotmail.com\DFSR\Staging\CS{976B4A38-35D7-5CCC-EE9C-D8BF3804020B}1\14-{976B4A38-35D7-5CCC-EE9C-D8BF3804020B}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v14-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\joannie_f14@hotmail.com\DFSR\Staging\CS{AA00D3A5-A2E2-F0FE-A54D-40D29FD54245}1\17-{AA00D3A5-A2E2-F0FE-A54D-40D29FD54245}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v17-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\jobinjessica@hotmail.com\DFSR\Staging\CS{625B471D-5D54-EDFB-5B9E-9062D14E1803}1\29-{625B471D-5D54-EDFB-5B9E-9062D14E1803}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v29-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\may_maciel@hotmail.com\DFSR\Staging\CS{E44E1772-B21E-48DA-4B2D-B458E10C167E}1\26-{E44E1772-B21E-48DA-4B2D-B458E10C167E}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v26-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\mersutydruk@hotmail.com\DFSR\Staging\CS{710E3CCE-28EB-393B-9B47-290447DA2847}1\27-{710E3CCE-28EB-393B-9B47-290447DA2847}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v27-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\meyer_quentin@hotmail.com\DFSR\Staging\CS{98D83A6E-8839-2BF7-8DEC-C05E2F3C0573}1\30-{98D83A6E-8839-2BF7-8DEC-C05E2F3C0573}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v30-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\nigik2@hotmail.com\DFSR\Staging\CS{5EA1EFB5-6856-CDB4-C526-89A156BD92C0}1\31-{5EA1EFB5-6856-CDB4-C526-89A156BD92C0}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v31-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\pizbita@msn.com\DFSR\Staging\CS{BBC8724A-0859-A127-DE47-197F2575EFF0}1\76-{BBC8724A-0859-A127-DE47-197F2575EFF0}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v76-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\sex_sexygen@hotmail.com\DFSR\Staging\CS{4C7944C9-216C-B394-0565-4159251F22F6}1\25-{4C7944C9-216C-B394-0565-4159251F22F6}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v25-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\supervananas@yahoo.fr\DFSR\Staging\CS{91B705A3-59B2-88FE-EC36-27B506E85F40}1\11-{91B705A3-59B2-88FE-EC36-27B506E85F40}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v11-Downloaded.frx (WARNING: not scanned, path to long)

C:\System Volume Information: (not scanned)

D:\System Volume Information: (not scanned)

E:\System Volume Information: (not scanned)

Adware.Istbar has not been found on your computer.

kormick1 Power Member

kormick1

Posté(e)
  • Auteur
Posté(e)

;***********************************************************************************************************************************************************************************

ANALYSIS: 2007-08-27 21:05:24

PROTECTIONS: 2

MALWARE: 9

SUSPECTS: 0

;***********************************************************************************************************************************************************************************

PROTECTIONS

Description Version Active Updated

;===================================================================================================================================================================================

AVG Anti-Virus 7.1.375 7.1.375 Yes No

avast! antivirus 4.7.1029 [VPS 000769-0] 4.7.1029 No Yes

;===================================================================================================================================================================================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===================================================================================================================================================================================

00000431 adware/ist.istbar Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{386A771C-E96A-421F-8BA7-32F1B706892F}

00035722 adware/comet Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1678F7E1-C422-11D0-AD7D-00400515CAAA}

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Yannick\Cookies\yannick@doubleclick[1].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Yannick\Cookies\yannick@atdmt[2].txt

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Yannick\Cookies\yannick@mediaplex[1].txt

00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Yannick\Cookies\yannick@xiti[2].txt

00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Yannick\Cookies\yannick@weborama[1].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Yannick\Cookies\yannick@advertising[2].txt

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Yannick\Cookies\yannick@bluestreak[2].txt

;===================================================================================================================================================================================

SUSPECTS

Location

;===================================================================================================================================================================================

;===================================================================================================================================================================================

eclypse Extrem Member

eclypse

Posté(e)
Posté(e)

Salut

 

Fais démarrer executer regedit

 

Rends toi

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\

 

Supprime : {386A771C-E96A-421F-8BA7-32F1B706892F}

Supprime : {1678F7E1-C422-11D0-AD7D-00400515CAAA}

 

Refais un scan puis poste le rapport + un hijackthis stp

 

Amicalement

 

Eclypse

kormick1 Power Member

kormick1

Posté(e)
  • Auteur
Posté(e)

21:50 28.08.2007Symantec Adware.Istbar / Trojan.ISTsvc Removal Tool 1.1.0

 

 

C:\Documents and Settings\Jean-Marc\Mes documents\Mes images\Art: (not scanned)

C:\Documents and Settings\Lidia: (not scanned)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\bammt_kat@hotmail.com\DFSR\Staging\CS{DE9EC157-86F0-1984-DC22-FB02C15F3908}1\28-{DE9EC157-86F0-1984-DC22-FB02C15F3908}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v28-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\beaty_angel15@hotmail.com\DFSR\Staging\CS{01200121-C465-F6A8-BE64-9D296844A070}1\15-{01200121-C465-F6A8-BE64-9D296844A070}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v15-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\catou_1990@hotmail.com\DFSR\Staging\CS{C7E74DCD-B70F-4E10-E131-23B240CD19E5}1\22-{C7E74DCD-B70F-4E10-E131-23B240CD19E5}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v22-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\christinaki6@hotmail.com\DFSR\Staging\CS{1202E4D2-B5CB-C2E3-0E65-7921974AA026}1\18-{1202E4D2-B5CB-C2E3-0E65-7921974AA026}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v18-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\christinaki6@hotmail.com\DFSR\Staging\CS{1202E4D2-B5CB-C2E3-0E65-7921974AA026}\20\19-{F7F00979-6ACC-42BE-9E54-CB5F8522C64B}-v20-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v19-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\christinaki6@hotmail.com\DFSR\Staging\CS{1202E4D2-B5CB-C2E3-0E65-7921974AA026}\24\21-{F7F00979-6ACC-42BE-9E54-CB5F8522C64B}-v24-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v21-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\dafne_alves@hotmail.com\DFSR\Staging\CS{976B4A38-35D7-5CCC-EE9C-D8BF3804020B}1\14-{976B4A38-35D7-5CCC-EE9C-D8BF3804020B}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v14-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\joannie_f14@hotmail.com\DFSR\Staging\CS{AA00D3A5-A2E2-F0FE-A54D-40D29FD54245}1\17-{AA00D3A5-A2E2-F0FE-A54D-40D29FD54245}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v17-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\jobinjessica@hotmail.com\DFSR\Staging\CS{625B471D-5D54-EDFB-5B9E-9062D14E1803}1\29-{625B471D-5D54-EDFB-5B9E-9062D14E1803}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v29-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\may_maciel@hotmail.com\DFSR\Staging\CS{E44E1772-B21E-48DA-4B2D-B458E10C167E}1\26-{E44E1772-B21E-48DA-4B2D-B458E10C167E}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v26-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\mersutydruk@hotmail.com\DFSR\Staging\CS{710E3CCE-28EB-393B-9B47-290447DA2847}1\27-{710E3CCE-28EB-393B-9B47-290447DA2847}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v27-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\meyer_quentin@hotmail.com\DFSR\Staging\CS{98D83A6E-8839-2BF7-8DEC-C05E2F3C0573}1\30-{98D83A6E-8839-2BF7-8DEC-C05E2F3C0573}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v30-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\nigik2@hotmail.com\DFSR\Staging\CS{5EA1EFB5-6856-CDB4-C526-89A156BD92C0}1\31-{5EA1EFB5-6856-CDB4-C526-89A156BD92C0}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v31-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\pizbita@msn.com\DFSR\Staging\CS{BBC8724A-0859-A127-DE47-197F2575EFF0}1\76-{BBC8724A-0859-A127-DE47-197F2575EFF0}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v76-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\sex_sexygen@hotmail.com\DFSR\Staging\CS{4C7944C9-216C-B394-0565-4159251F22F6}1\25-{4C7944C9-216C-B394-0565-4159251F22F6}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v25-Downloaded.frx (WARNING: not scanned, path to long)

C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\SharingMetadata\supervananas@yahoo.fr\DFSR\Staging\CS{91B705A3-59B2-88FE-EC36-27B506E85F40}1\11-{91B705A3-59B2-88FE-EC36-27B506E85F40}-v1-{5528BBFF-8C42-492F-8A07-C9FFEC43E3B6}-v11-Downloaded.frx (WARNING: not scanned, path to long)

C:\System Volume Information: (not scanned)

D:\System Volume Information: (not scanned)

E:\System Volume Information: (not scanned)

Adware.Istbar has not been found on your computer.

 

 

 

 

 

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 21:52:32, on 28.08.2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\winmine.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\HijackThis\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/index_d.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1163785631265

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)

O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe (file missing)

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe

O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

eclypse Extrem Member

eclypse

Posté(e)
Posté(e)

Salut

 

 

Comment marche le pc ?

 

Efface ton hijackthis et telecharge cette version

 

Refais un scan avec celle ci

 

Amicalement

 

Eclypse

kormick1 Power Member

kormick1

Posté(e)
  • Auteur
Posté(e)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:31:49, on 29.08.2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\DOCUME~1\Yannick\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/index_d.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1163785631265

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)

O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe

O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe (file missing)

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe

O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

 

--

End of file - 8312 bytes

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...