HijackThis report


à la dérive

Hello, for the past 3 days I have had a virus on my computer that I cannot get rid of.

It only shows up with the Panda online scan and Ad-Aware: "spywareno" - misc - HKEY_USERS:s-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\windows\currentversion\ext\stats\{72267f6a-a6f9-11d0-bc94-00c04fb67863}\

It comes back after every restart and I no longer know what to do. I am attaching the HijackThis report.

What should I do?

Many thanks in advance

 

Logfile of HijackThis v1.99.1

Scan saved at 17:28:02, on 10/02/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\EXPLORER.EXE

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TMPROXY.EXE

C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\hijackthis\HijackThis.exe

C:\WINDOWS\system32\wuauclt.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - <default> - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\ppe.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O18 - Protocol: bw+0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe


Hello and welcome to the Zebulon security forum,

Can you run the Panda online scan again and then post the exact result of the report, thanks.

Then do the following:

Run a HijackThis scan again, click "Do a system scan only" and check the lines below (if present):

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

 

R3 - URLSearchHook: (no name) - <default> - (no file)

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

 

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientIn...2/OCI/setup.exe

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

 

O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab

 

O18 - Protocol: bw+0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {799C9620-57A6-4B93-A3DC-379A644F5D9C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

Close all windows except HijackThis and click "Fix Checked".

 

Who is your Internet service provider? Are you in Slovakia?

Your DNS server points to this address:

inetnum: 195.168.0.0 - 195.168.255.255

org: ORG-TIS6-RIPE

netname: SK-NEXTRA-960927

descr: PROVIDER

descr: Telenor Internet, Slovakia


Here are the Panda results to start with,

 

Incident Statut Analyse

 

Spyware:application/bestoffer No Désinfecté C:\WINDOWS\smdat32m.sys

Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Virginie\Cookies\[email protected][1].txt

Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Virginie\Cookies\[email protected][1].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Virginie\Cookies\[email protected][1].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.xiti.com/]

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.mediaplex.com/]

Spyware:Cookie/24/7 Realmedia No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.247realmedia.com/]

Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.bluestreak.com/]

Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.adtech.de/]

Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.tradedoubler.com/]

Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[.com.com/]

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Virginie\Application Data\Mozilla\Firefox\Profiles\s27x3ebj.default\cookies.txt[]

Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Virginie\Cookies\[email protected][1].txt

Spyware:Cookie/MetriWeb No Désinfecté C:\Documents and Settings\Virginie\Cookies\[email protected][1].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Virginie\Cookies\[email protected][1].txt

Hacktool:Hacktool/VTestTool No Désinfecté C:\Program Files\AxBx\PC Security Test 2006\files\virus1.txt

 

I'm making the changes with HijackThis right away...


In this report I don't see the infection you mentioned in your first post:

It only shows up with Panda online and Ad-Aware: "spywareno" - misc - HKEY_USERS:s-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\windows\currentversion\ext\stats\{72267f6a-a6f9-11d0-bc94-00c04fb67863}\

 

1/ Download and install EasyCleaner by Toni Helenius: http://personal.inet.fi/business/toniarts/ecleane.htm

 

2/ Restart in safe mode.

(When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] or [F5] key until the Windows advanced options menu is displayed. Select "Safe Mode" and press [Enter].)

 

3/ Make sure you have access to all files

Start, My Computer or any other folder, Tools menu, Folder Options, View tab:

Check the box: Show hidden files and folders

Uncheck the box: Hide extensions for known file types

Uncheck the box: Hide protected operating system files

Then Apply

 

4/ Delete the offending file(s) and folder(s) [if they still exist] using Windows Explorer:

 

-C:\WINDOWS\smdat32m.sys

 

5/ Run EasyCleaner: use only the "Unnecessary" and "Registry" functions. Do not touch the "Duplicates" function.

 

6/ Restart the computer in normal mode

 

What about the initial alert mentioned in your first post?


Here are the HijackThis results

 

 

Logfile of HijackThis v1.99.1

Scan saved at 18:41:38, on 10/02/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\EXPLORER.EXE

C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TMPROXY.EXE

C:\PROGRA~1\TRENDM~1\INTERN~1\TMPFW.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\ppe.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

 

Sorry, I didn't go into enough detail: Panda finds an "intrusion" and it's Ad-Aware that finds the misc.

 

I'm going to run EasyCleaner.

Unfortunately I have to go, but I'll be back this evening with fresh news from the EasyCleaner scan.

 

See you later I hope, or see you soon

 

Have a good evening.

 

Thanks a lot once again,


Hello, friend Jack Burton,

 

I ran EasyCleaner and here is the report that Ad-Aware gives me.

The misc Regkey is still there and I have 3 new things that have shown up as keydata. I've pasted the report...

 

Help, I don't know what to do anymore... I think a reformat is looming

 

 

Ad-Aware SE Build 1.06r1

Logfile Created on:samedi 11 février 2006 13:17:23

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R91 08.02.2006

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

MRU List(TAC index:0):10 total references

SpywareNo(TAC index:7):4 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Search for low-risk threats

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan within archives

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

11-02-2006 13:17:23 - Scan started. (Full System Scan)

 

MRU List Object Recognized!

Location: : C:\Documents and Settings\Virginie\recent

Description : list of recently opened documents

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : software\microsoft\directdraw\mostrecentapplication

Description : most recent application to use microsoft directdraw

 

 

MRU List Object Recognized!

Location: : S-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : S-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : S-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

Description : list of recent programs opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

Description : list of recently saved files, stored according to file extension

 

 

MRU List Object Recognized!

Location: : S-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\windows\currentversion\explorer\recentdocs

Description : list of recent documents opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\windows\currentversion\explorer\runmru

Description : mru list for items opened in start | run

 

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32\

ProcessID : 604

ThreadCreationTime : 11-02-2006 12:10:10

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\C:\WINDOWS\system32\

ProcessID : 668

ThreadCreationTime : 11-02-2006 12:10:12

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\C:\WINDOWS\system32\

ProcessID : 692

ThreadCreationTime : 11-02-2006 12:10:13

BasePriority : High

 

 

#:4 [services.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 736

ThreadCreationTime : 11-02-2006 12:10:13

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Système d'exploitation Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Applications Services et Contrôleur

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. Tous droits réservés.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 748

ThreadCreationTime : 11-02-2006 12:10:13

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [ati2evxx.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 940

ThreadCreationTime : 11-02-2006 12:10:14

BasePriority : Normal

FileVersion : 6.14.10.4110

ProductVersion : 6.14.10.4110.03

ProductName : ATI External Event Utility for WindowsNT and Windows9X

CompanyName : ATI Technologies Inc.

FileDescription : ATI External Event Utility EXE Module

InternalName : ATI2EVXX.EXE

LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.

OriginalFilename : ATI2EVXX.EXE

 

#:7 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 956

ThreadCreationTime : 11-02-2006 12:10:14

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1032

ThreadCreationTime : 11-02-2006 12:10:14

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [svchost.exe]

FilePath : C:\WINDOWS\SYSTEM32\

ProcessID : 1128

ThreadCreationTime : 11-02-2006 12:10:14

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:10 [svchost.exe]

FilePath : C:\WINDOWS\SYSTEM32\

ProcessID : 1316

ThreadCreationTime : 11-02-2006 12:10:14

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:11 [svchost.exe]

FilePath : C:\WINDOWS\SYSTEM32\

ProcessID : 1356

ThreadCreationTime : 11-02-2006 12:10:14

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:12 [spoolsv.exe]

FilePath : C:\WINDOWS\SYSTEM32\

ProcessID : 1580

ThreadCreationTime : 11-02-2006 12:10:15

BasePriority : Normal

FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)

ProductVersion : 5.1.2600.2696

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:13 [ati2evxx.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1920

ThreadCreationTime : 11-02-2006 12:10:17

BasePriority : Normal

FileVersion : 6.14.10.4110

ProductVersion : 6.14.10.4110.03

ProductName : ATI External Event Utility for WindowsNT and Windows9X

CompanyName : ATI Technologies Inc.

FileDescription : ATI External Event Utility EXE Module

InternalName : ATI2EVXX.EXE

LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.

OriginalFilename : ATI2EVXX.EXE

 

#:14 [explorer.exe]

FilePath : C:\WINDOWS\

ProcessID : 2000

ThreadCreationTime : 11-02-2006 12:10:18

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Système d'exploitation Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Explorateur Windows

InternalName : explorer

LegalCopyright : © Microsoft Corporation. Tous droits réservés.

OriginalFilename : EXPLORER.EXE

 

#:15 [smax4pnp.exe]

FilePath : C:\Program Files\Analog Devices\SoundMAX\

ProcessID : 188

ThreadCreationTime : 11-02-2006 12:10:18

BasePriority : Normal

FileVersion : 5, 0, 1, 57

ProductVersion : 5, 0, 1, 57

ProductName : SMax4PNP Application

CompanyName : Analog Devices, Inc.

FileDescription : SMax4PNP MFC Application

InternalName : SMax4PNP

LegalCopyright : Copyright © 2002-2004 Analog Devices

OriginalFilename : SMax4PNP.EXE

 

#:16 [smax4.exe]

FilePath : C:\Program Files\Analog Devices\SoundMAX\

ProcessID : 196

ThreadCreationTime : 11-02-2006 12:10:18

BasePriority : Normal

FileVersion : 5, 0, 0, 18

ProductVersion : 5, 0, 0, 18

ProductName : SoundMAX Control Panel

CompanyName : Analog Devices, Inc.

FileDescription : SoundMAX Control Center

InternalName : SMax4

LegalCopyright : Copyright © 2002-2004, Analog Devices

OriginalFilename : SMax4.EXE

 

#:17 [ituneshelper.exe]

FilePath : C:\Program Files\iTunes\

ProcessID : 240

ThreadCreationTime : 11-02-2006 12:10:18

BasePriority : Normal

FileVersion : 6.0.2.23

ProductVersion : 6.0.2.23

ProductName : iTunes

CompanyName : Apple Computer, Inc.

FileDescription : iTunesHelper Module

InternalName : iTunesHelper

LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.

OriginalFilename : iTunesHelper.exe

 

#:18 [hpztsb07.exe]

FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\

ProcessID : 248

ThreadCreationTime : 11-02-2006 12:10:18

BasePriority : Normal

FileVersion : 2,140,0,0

ProductVersion : 2,140,0,0

ProductName : HP DeskJet

CompanyName : HP

LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002

 

#:19 [atiptaxx.exe]

FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\

ProcessID : 256

ThreadCreationTime : 11-02-2006 12:10:18

BasePriority : Normal

FileVersion : 6.14.10.5134

ProductVersion : 6.14.10.5134

ProductName : ATI Desktop Component

CompanyName : ATI Technologies, Inc.

FileDescription : ATI Desktop Control Panel

InternalName : Atiptaxx.exe

LegalCopyright : Copyright © 1998-2004 ATI Technologies Inc.

OriginalFilename : Atiptaxx.exe

 

#:20 [pccguide.exe]

FilePath : C:\Program Files\Trend Micro\Internet Security 14\

ProcessID : 264

ThreadCreationTime : 11-02-2006 12:10:18

BasePriority : Normal

FileVersion : 14.00.0.1487

ProductVersion : 14.00.0

ProductName : Trend Micro Internet Security

CompanyName : Trend Micro Incorporated.

FileDescription : PCCGuide

InternalName : PCCGuide

LegalCopyright : Copyright © 1995-2005 Trend Micro Incorporated. All rights reserved.

LegalTrademarks : Copyright © Trend Micro Incorporated.

OriginalFilename : PCCGuide

 

#:21 [pcctlcom.exe]

FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\

ProcessID : 876

ThreadCreationTime : 11-02-2006 12:10:24

BasePriority : Normal

FileVersion : 14.00.0.1487

ProductVersion : 14.00.0

ProductName : Trend Micro Internet Security

CompanyName : Trend Micro Incorporated.

FileDescription : PcCtlCom Module

InternalName : PcCtlCom

LegalCopyright : Copyright © 1995-2005 Trend Micro Incorporated. All rights reserved.

LegalTrademarks : Copyright © Trend Micro Incorporated.

OriginalFilename : PcCtlCom.EXE

 

#:22 [smagent.exe]

FilePath : C:\Program Files\Analog Devices\SoundMAX\

ProcessID : 1192

ThreadCreationTime : 11-02-2006 12:10:24

BasePriority : Normal

FileVersion : 3, 2, 6, 0

ProductVersion : 3, 2, 6, 0

ProductName : SoundMAX service agent

CompanyName : Analog Devices, Inc.

FileDescription : SoundMAX service agent component

InternalName : SMAgent

LegalCopyright : Copyright © 2002

OriginalFilename : SMAgent.exe

 

#:23 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1272

ThreadCreationTime : 11-02-2006 12:10:24

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:24 [tmntsrv.exe]

FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\

ProcessID : 1368

ThreadCreationTime : 11-02-2006 12:10:32

BasePriority : Normal

FileVersion : 14.00.0.1487

ProductVersion : 14.00.0

ProductName : Trend Micro Internet Security

CompanyName : Trend Micro Incorporated.

FileDescription : Tmntsrv

InternalName : Tmntsrv

LegalCopyright : Copyright © 1995-2005 Trend Micro Incorporated. All rights reserved.

LegalTrademarks : Copyright © Trend Micro Incorporated.

OriginalFilename : Tmntsrv.exe

 

#:25 [tmproxy.exe]

FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\

ProcessID : 1424

ThreadCreationTime : 11-02-2006 12:10:32

BasePriority : Normal

FileVersion : 2.0.0.1078

ProductVersion : 2.0.0

ProductName : Trend Micro Network Security Components 2.0

CompanyName : Trend Micro Inc.

FileDescription : TmProxy.exe

InternalName : TmProxy.exe

LegalCopyright : Copyright © 2001-2005 Trend Micro Inc. All rights reserved.

LegalTrademarks : Copyright © Trend Micro Inc.

OriginalFilename : TmProxy.exe

 

#:26 [wdfmgr.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1712

ThreadCreationTime : 11-02-2006 12:10:32

BasePriority : Normal

FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)

ProductVersion : 5.2.3790.1230

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows User Mode Driver Manager

InternalName : WdfMgr

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : WdfMgr.exe

 

#:27 [tmpfw.exe]

FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\

ProcessID : 1836

ThreadCreationTime : 11-02-2006 12:10:32

BasePriority : Normal

FileVersion : 2.5.0.1078

ProductVersion : 2.0.0

ProductName : Trend Micro Network Security Components 2.0

CompanyName : Trend Micro Inc.

FileDescription : TmPfw

InternalName : TmPfw

LegalCopyright : Copyright © 2001-2005 Trend Micro Inc. All rights reserved.

LegalTrademarks : Copyright © Trend Micro Inc.

OriginalFilename : TmPfw.exe

 

#:28 [ipodservice.exe]

FilePath : C:\Program Files\iPod\bin\

ProcessID : 1176

ThreadCreationTime : 11-02-2006 12:10:36

BasePriority : Normal

FileVersion : 6.0.2.23

ProductVersion : 6.0.2.23

ProductName : iTunes

CompanyName : Apple Computer, Inc.

FileDescription : iPodService Module

InternalName : iPodService

LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.

OriginalFilename : iPodService.exe

 

#:29 [alg.exe]

FilePath : C:\WINDOWS\System32\

ProcessID : 2064

ThreadCreationTime : 11-02-2006 12:10:36

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:30 [ad-aware.exe]

FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\

ProcessID : 3300

ThreadCreationTime : 11-02-2006 12:10:58

BasePriority : Normal

FileVersion : 6.2.0.236

ProductVersion : SE 106

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft AB Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

#:31 [firefox.exe]

FilePath : C:\PROGRAM FILES\MOZILLA FIREFOX\

ProcessID : 2696

ThreadCreationTime : 11-02-2006 12:11:50

BasePriority : Normal

 

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 10

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

SpywareNo Object Recognized!

Type : Regkey

Data :

TAC Rating : 7

Category : Misc

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-725345543-1409082233-839522115-1004\software\microsoft\windows\currentversion\ext\stats\{72267f6a-a6f9-11d0-bc94-00c04fb67863}

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 1

Objects found so far: 11

 

 

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 11

 

 

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

 

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 11

 

 

Disk Scan Result for C:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 11

 

 

Deep scanning and examining files (F:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for F:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 11

 

 

Deep scanning and examining files (G:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for G:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 11

 

 

Deep scanning and examining files (H:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for H:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 11

 

 

Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 11

 

 

 

 

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

SpywareNo Object Recognized!

Type : RegData

Data : 2

TAC Rating : 7

Category : Misc

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\desktop\general

Value : WallpaperStyle

Data : 2

 

SpywareNo Object Recognized!

Type : RegData

Data : 2

TAC Rating : 7

Category : Misc

Comment :

Rootkey : HKEY_CURRENT_USER

Object : control panel\desktop

Value : WallpaperStyle

Data : 2

 

SpywareNo Object Recognized!

Type : RegData

Data : 2

TAC Rating : 7

Category : Misc

Comment :

Rootkey : HKEY_CURRENT_USER

Object : software\microsoft\internet explorer\desktop\general

Value : ComponentsPositioned

Data : 2

 

Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 3

Objects found so far: 14

 

13:23:44 Scan Complete

 

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:06:21.141

Objects scanned:155001

Objects identified:4

Objects ignored:0

New critical objects:4

 

 

 

Here is my new HijackThis report

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 13:50:53, on 11/02/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\EXPLORER.EXE

C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

C:\PROGRA~1\TRENDM~1\INTERN~1\TMPROXY.EXE

C:\PROGRA~1\TRENDM~1\INTERN~1\TMPFW.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE

C:\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\ppe.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{3C4E316E-5F06-4006-B576-865789C8456A}: NameServer = 195.168.0.1

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe

O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
