Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Pouvez vous analyser mon Highjack


steillo
 Partager

Messages recommandés

Bonsoir<---édité par angelique

Mon pc est super lent

 

Logfile of HijackThis v1.99.1

Scan saved at 23:53:54, on 08/04/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\WINDOWS\htpatch.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\Softwin\BitDefender9\bdmcon.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

C:\program files\softwin\bitdefender9\bdnagent.exe

C:\program files\softwin\bitdefender9\bdswitch.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Softwin\BitDefender9\vsserv.exe

C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Documents and Settings\doudou\Mes documents\logiciel\analyse du pc\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali -

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\WINDOWS\System32\msacmx.dll (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"

O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"

O4 - HKLM\..\Run: [bDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\RunServices: [Microsoft Windows Update] svmhost.exe

O4 - HKLM\..\RunServices: [Registry Checkup System32c Monitor] Winregs32cd.exe

O4 - HKLM\..\RunServices: [Mashine Personal Firewall] Update-Box.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O15 - Trusted Zone: *.newiframe.biz

O15 - Trusted Zone: *.oranger.biz

O15 - Trusted Zone: *.sp2admin.biz

O15 - Trusted Zone: *.sp2fucked.biz

O15 - Trusted Zone: *.traff4sale.biz

O15 - Trusted IP range: 206.161.125.149

O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)

O16 - DPF: {17E7DE1A-E636-46E2-B626-E928F7966A2F} (hWebPass Control) - http://www.internetpayant.com/kit/ctrl/hWebPass.ocx

O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_4fr.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1136242007652

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx

O17 - HKLM\System\CCS\Services\Tcpip\..\{9CD8A346-08B3-4687-A319-5248B2BA6F70}: NameServer = 212.27.39.134

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Lien vers le commentaire
Partager sur d’autres sites

bonsoir steillo,

 

joliement infecté le pc!

 

télécharge ewido :

 

http://www.ewido.net/fr/

 

installes le, met le à jour et scan

(Important: pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu").

 

 

Télécharge SpySweeper (de Webroot)

(c'est une version d'essai de 14 jours)

 

http://www.webroot.com/consumer/products/s...ode=af1&rc=3597

 

· clique sur le lien Free Trial sous la rubrique "SpySweeper"

· installe le programme. Une fois installé, il va se lancer.

· L'option de le mettre à jour va s'afficher, clique sur Yes

· Une fois les mises à jour faites, clique Options sur la gauche

· Clique sur l'onglet Sweep Options

· Sous What to Sweep tu coches les options suivantes :

 

Sweep Memory

Sweep Registry

Sweep Cookies

Sweep All User Accounts

Enable Direct Disk Sweeping

Sweep Contents of Compressed Files

Sweep for Rootkits

Décoche Do not Sweep System Restore Folder

 

· clique sur Sweep Now sur la gauche

· clique sur Start

· quand le scan est terminé, clique sur Next

· assure toi que tous les items sont cochés, puis clique sur Next

· Tous les items cochés seront éliminés

· Si SpySweeper veut redémarrer pour terminer le nettoyage : ACCEPTE

· Clique Session Log en haut à droite, et copie tout ce qu'il y a dans la fenêtre

· Clique sur l'onglet Summary, puis clique sur Finish

· Colle enfin le contenu de "session log" ici

 

poste le rapport ewido, spysweeper et un nouveau hijackthis

 

a+

Lien vers le commentaire
Partager sur d’autres sites

voila j'ai tout fais

 

********

01:15: | Start of Session, dimanche 9 avril 2006 |

01:15: Spy Sweeper started

01:15: Sweep initiated using definitions version 652

01:15: Starting Memory Sweep

01:19: Memory Sweep Complete, Elapsed Time: 00:04:22

01:19: Starting Registry Sweep

01:19: Found Adware: cws_ns3

01:19: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\webdlg32.dll (ID = 123378)

01:19: Found Adware: falsealert

01:19: HKLM\software\microsoft\windows\currentversion\ms4hd\ (48 subtraces) (ID = 126394)

01:19: Found Adware: logih adware

01:19: HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload\ || systemcheck2 (ID = 129814)

01:19: Found Trojan Horse: sdbot

01:19: HKU\.default\software\microsoft\windows\currentversion\run\ || microsoft windows update (ID = 140586)

01:19: HKU\.default\software\microsoft\windows\currentversion\runonce\ || microsoft windows update (ID = 140592)

01:19: HKLM\software\microsoft\windows\currentversion\runservices\ || microsoft windows update (ID = 140645)

01:19: Found Adware: ist software

01:19: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/ysbactivex.dll\ (2 subtraces) (ID = 147854)

01:19: Found Adware: cnsmin

01:19: HKCR\clsid\{d449eb58-55af-4695-b216-895d546aed89}\ (11 subtraces) (ID = 393334)

01:19: HKCR\typelib\{b7db519e-7131-47b1-a9f5-da8d061c2611}\ (9 subtraces) (ID = 393356)

01:19: HKLM\software\classes\clsid\{d449eb58-55af-4695-b216-895d546aed89}\ (11 subtraces) (ID = 393465)

01:19: HKLM\software\classes\typelib\{b7db519e-7131-47b1-a9f5-da8d061c2611}\ (9 subtraces) (ID = 393487)

01:19: Found Adware: cws-aboutblank

01:19: HKU\WRSS_Profile_S-1-5-21-1715567821-746137067-854245398-500\software\microsoft\internet explorer\main\ || homeoldsp (ID = 115923)

01:19: Found Adware: fastwebfinder hijacker

01:19: HKU\WRSS_Profile_S-1-5-21-1715567821-746137067-854245398-500\software\microsoft\internet explorer\main\ || search bar (ID = 117193)

01:19: HKU\WRSS_Profile_S-1-5-21-1715567821-746137067-854245398-500\software\microsoft\internet explorer\main\ || search page (ID = 117194)

01:19: HKU\WRSS_Profile_S-1-5-21-1715567821-746137067-854245398-500\software\microsoft\internet explorer\ || searchurl (ID = 117199)

01:19: Found Adware: cydoor

01:19: HKU\WRSS_Profile_S-1-5-21-1715567821-746137067-854245398-500\software\cydoor\ (1317 subtraces) (ID = 639126)

01:19: HKU\S-1-5-21-1715567821-746137067-854245398-1006\software\microsoft\internet explorer\toolbar\shellbrowser\ || {0e1230f8-ea50-42a9-983c-d22abc2eed3b} (ID = 121295)

01:19: Found Adware: dapsol dialer

01:19: HKU\S-1-5-21-1715567821-746137067-854245398-1006\software\microsoft\internet explorer\main\ || conc (ID = 124673)

01:19: HKU\S-1-5-18\software\microsoft\windows\currentversion\run\ || microsoft windows update (ID = 140604)

01:19: HKU\S-1-5-18\software\microsoft\windows\currentversion\runonce\ || microsoft windows update (ID = 140628)

01:19: Registry Sweep Complete, Elapsed Time:00:00:20

01:19: Starting Cookie Sweep

01:19: Cookie Sweep Complete, Elapsed Time: 00:00:00

01:20: Starting File Sweep

01:20: Found Adware: whenu savenow

01:20: c:\program files\vvsn (ID = -2147480376)

01:22: Found Adware: altnet

01:22: peer points manager.lnk (ID = 49852)

01:28: Found Adware: webhancer

01:28: whagent.inf (ID = 83821)

01:36: Found Adware: tibs dialer

01:36: dktibs.exe (ID = 79262)

01:36: Found Adware: ez-finder toolbar

01:36: webdlg32.inf (ID = 60327)

01:38: Warning: Unhandled Archive Type

01:40: File Sweep Complete, Elapsed Time: 00:20:31

01:40: Full Sweep has completed. Elapsed time 00:25:22

01:40: Traces Found: 1432

01:46: Removal process initiated

01:46: Quarantining All Traces: cws_ns3

01:46: Quarantining All Traces: cws-aboutblank

01:46: Quarantining All Traces: sdbot

01:46: Quarantining All Traces: cnsmin

01:46: Quarantining All Traces: ez-finder toolbar

01:46: Quarantining All Traces: tibs dialer

01:46: Quarantining All Traces: altnet

01:46: Quarantining All Traces: cydoor

01:46: Quarantining All Traces: dapsol dialer

01:46: Quarantining All Traces: falsealert

01:46: Quarantining All Traces: fastwebfinder hijacker

01:46: Quarantining All Traces: ist software

01:46: Quarantining All Traces: logih adware

01:46: Quarantining All Traces: webhancer

01:46: Quarantining All Traces: whenu savenow

01:47: Removal process completed. Elapsed time 00:00:36

********

01:12: | Start of Session, dimanche 9 avril 2006 |

01:12: Spy Sweeper started

01:13: Your spyware definitions have been updated.

01:15: | End of Session, dimanche 9 avril 2006 |

 

 

---------------------------------------------------------

ewido anti-malware - Rapport de scan

---------------------------------------------------------

 

+ Créé le: 01:09:20, 09/04/2006

+ Somme de contrôle: 43FF4845

 

+ Résultats du scan:

 

:mozilla.28:C:\Documents and Settings\doudou\Application Data\Mozilla\Firefox\Profiles\f8ub5nap.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder

:mozilla.36:C:\Documents and Settings\doudou\Application Data\Mozilla\Firefox\Profiles\f8ub5nap.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder

:mozilla.6:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder

:mozilla.7:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyer et sauvegarder

:mozilla.17:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder

:mozilla.18:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder

:mozilla.19:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder

:mozilla.23:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder

:mozilla.26:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder

:mozilla.29:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder

:mozilla.32:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder

:mozilla.33:C:\Documents and Settings\doudou\Application Data\Thunderbird\Profiles\dg4aoszo.default\cookies.txt -> TrackingCookie.Advertising : Nettoyer et sauvegarder

C:\Program Files\RealVNC\VNC4\vncconfig.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4 : Nettoyer et sauvegarder

C:\Program Files\RealVNC\VNC4\vncviewer.exe -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4 : Nettoyer et sauvegarder

C:\WINDOWS\LastGood\webhdll.dll -> Adware.WebHancer : Nettoyer et sauvegarder

C:\WINDOWS\LastGood\whInstaller.exe -> Adware.WebHancer : Nettoyer et sauvegarder

 

 

::Fin du rapport

 

Logfile of HijackThis v1.99.1

Scan saved at 01:50:10, on 09/04/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\WINDOWS\htpatch.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

C:\program files\softwin\bitdefender9\bdnagent.exe

C:\program files\softwin\bitdefender9\bdswitch.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender9\vsserv.exe

c:\program files\softwin\bitdefender9\bdmcon.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\doudou\Mes documents\logiciel\analyse du pc\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali -

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\WINDOWS\System32\msacmx.dll (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"

O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"

O4 - HKLM\..\Run: [bDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray

O4 - HKLM\..\RunServices: [Registry Checkup System32c Monitor] Winregs32cd.exe

O4 - HKLM\..\RunServices: [Mashine Personal Firewall] Update-Box.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O15 - Trusted Zone: *.newiframe.biz

O15 - Trusted Zone: *.oranger.biz

O15 - Trusted Zone: *.sp2admin.biz

O15 - Trusted Zone: *.sp2fucked.biz

O15 - Trusted Zone: *.traff4sale.biz

O15 - Trusted IP range: 206.161.125.149

O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone

O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)

O16 - DPF: {17E7DE1A-E636-46E2-B626-E928F7966A2F} (hWebPass Control) - http://www.internetpayant.com/kit/ctrl/hWebPass.ocx

O16 - DPF: {5CE7A7AF-8C5E-48CF-AE30-8FC6F01C27E3} (Yahoo! Photos - Outil de publication Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_4fr.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1136242007652

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.bellapix.com/XUpload.ocx

O17 - HKLM\System\CCS\Services\Tcpip\..\{9CD8A346-08B3-4687-A319-5248B2BA6F70}: NameServer = 212.27.39.134

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Lien vers le commentaire
Partager sur d’autres sites

Bonjour,

 

Réponse et analyse de ce rapport sur cette discussion :

http://forum.zebulon.fr/index.php?showtopic=92214

 

Si la modération passe, peut elle regrouper les 2 discussions? Merci

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

 Partager

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...