
Guest Laurent_62
Posted

Hello diara,

Try it like this:

Start, Run, and type

control folders

then confirm

Posted

Hello, control folders was blocked by the administrator, so I logged in as admin for that. I did as you explained, and here are all the requested reports.

Hijack:

Logfile of HijackThis v1.99.1

Scan saved at 16:04:58, on 10/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enda.sn/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.vaio-link.com/vu.asp?l=fr&u=a&h=040C

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [wsfnth] c:\windows\system32\wsfnth.exe wsfnth

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/

O15 - Trusted Zone: *.sony-europe.com

O15 - Trusted Zone: *.sonystyle-europe.com

O15 - Trusted Zone: *.vaio-link.com

O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1063_XP.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll

O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe

O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

AntiVir:

 

 

AntiVir PersonalEdition Classic

Report file date: mardi 11 juillet 2006 11:33

 

Scanning for 452510 virus strains and unwanted programs.

 

Licensed to: AntiVir PersonalEdition Classic

Serial number: 0000149996-WURGE-0001

Platform: Windows XP

Windows version: (Service Pack 2) [5.1.2600]

Username: Malick sy

Computer name: MALICKSY

 

Version informations:

AVSCAN.EXE : 7.0.0.42 557096 11/07/2006 10:49:38

AVSCAN.DLL : 7.0.0.42 53288 11/07/2006 10:49:38

LUKE.DLL : 7.0.0.42 118824 11/07/2006 10:49:39

LUKERES.DLL : 7.0.0.42 25640 11/07/2006 10:49:39

ANTIVIR0.VDF : 6.35.0.1 7371264 11/07/2006 10:49:37

ANTIVIR1.VDF : 6.35.0.168 730112 11/07/2006 10:49:37

ANTIVIR2.VDF : 6.35.0.181 78336 11/07/2006 10:49:37

ANTIVIR3.VDF : 6.35.0.186 12800 11/07/2006 10:49:37

AVEWIN32.DLL : 7.1.0.21 1552896 11/07/2006 10:49:37

AVPREF.DLL : 7.0.0.1 49192 11/07/2006 10:49:37

AVREP.DLL : 6.35.0.154 708648 11/07/2006 10:49:37

AVRPBASE.DLL : 7.0.0.0 2162728 11/07/2006 10:49:37

AVPACK32.DLL : 7.1.0.1 335912 11/07/2006 10:49:37

AVREG.DLL : 6.31.0.90 27688 11/07/2006 10:49:37

NETNT.DLL : 6.32.0.0 6696 11/07/2006 10:49:39

NETNW.DLL : 6.32.0.0 9768 11/07/2006 10:49:39

RCIMAGE.DLL : 7.0.0.71 1642536 11/07/2006 10:49:41

RCTEXT.DLL : 7.0.0.75 77864 11/07/2006 10:49:41

 

Configuration settings for the scan:

Jobname: '%s'.................: Manual Selection

Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp

Boot sectors..................: C,D,F

Scan memory...................: 1

Process scan..................: 1

Scan all files................: 1

Scan archives.................: 1

Recursion depth...............: 20

Smart extensions..............: 1

Macro heuristic...............: 1

File heuristic................: -1

Primary action................: 1

Secondary action..............: 0

 

Start of the scan: mardi 11 juillet 2006 11:33

 

 

The scan over running processes will be started

13 Processes was scanned

 

Start scanning boot sectors:

 

Boot sector 'C:\'

[NOTE] No virus was found!

Boot sector 'D:\'

[NOTE] No virus was found!

 

Starting to scan the registry.

The registry was scanned ( 34 files ).

 

 

Starting the file scan:

 

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\Documents and Settings\Malick sy\ntuser.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\Malick sy\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\Malick sy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\Malick sy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system.LOG

[WARNING] The file could not be opened!

The path F:\ could not be found!

Le périphérique n'est pas prêt.

 

 

 

End of the scan: mardi 11 juillet 2006 12:35

Used time: 1:01:47 min

 

The scan has been done completely.

 

5025 Scanning directories

192431 Files were scanned

0 viruses and/or unwanted programs was found

0 files were deleted

0 files were repaired

0 files were moved to quarantine

0 files were renamed

6489 Archives were scanned

20 Warnings

1 Notes

 

 

ewido:

 

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 14:49:24 10/07/2006

 

+ Scan result:

 

 

 

C:\Program Files\MGI\MGI PhotoSuite II\System\Randomize.dll -> Backdoor.Ralpha : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\Q3YJK9YN\egaccess4_1063_XP[1].cab/egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\EGACCESS.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : No action taken.

HKU\S-1-5-21-3202095355-1377152729-1595993436-1006\Software\egdhtml -> Dialer.Generic : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\SFKHSNE7\SystemDoctor2006FreeInstall_fr[1].cab/USDR6V_0001_D08M1005NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@2o7[1].txt -> TrackingCookie.2o7 : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@advertising[1].txt -> TrackingCookie.Advertising : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@overture[2].txt -> TrackingCookie.Overture : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.

 

 

::Report end

 

 

Activescan:

 

Incident Statut Analyse

 

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\egaccess4_1063.dll

Dialer:dialer.b No Désinfecté hkey_current_user\software\egdhtml

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[2].txt

Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt

Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@xiti[1].txt

Dialer:Dialer.HGR No Désinfecté C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\0BCXMLQT\egaccess4_1063_XP[1].cab[egaccess4_1063.dll]

Hacktool:Hacktool/RegPatch.A No Désinfecté C:\Program Files\FileMaker\FileMaker Pro 7\Crack\filemakerprov7.0v1apatchfff.zip[Regpatch.exe]

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\EGACCESS.dll

Adware:Adware/NaviPromo No Désinfecté C:\WINDOWS\system32\HotTVPlayer.dll


[WARNING] The file could not be opened!

C:\Documents and Settings\Malick sy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\Malick sy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\NTUSER.DAT

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\ntuser.dat.LOG

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

[WARNING] The file could not be opened!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\default.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SAM.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\SECURITY.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\software.LOG

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system

[WARNING] The file could not be opened!

C:\WINDOWS\system32\config\system.LOG

[WARNING] The file could not be opened!

The path F:\ could not be found!

Le périphérique n'est pas prêt.

 

 

 

End of the scan: mardi 11 juillet 2006 12:35

Used time: 1:01:47 min

 

The scan has been done completely.

 

5025 Scanning directories

192431 Files were scanned

0 viruses and/or unwanted programs was found

0 files were deleted

0 files were repaired

0 files were moved to quarantine

0 files were renamed

6489 Archives were scanned

20 Warnings

1 Notes

 

 

ewido:

 

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 14:49:24 10/07/2006

 

+ Scan result:

 

 

 

C:\Program Files\MGI\MGI PhotoSuite II\System\Randomize.dll -> Backdoor.Ralpha : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\Q3YJK9YN\egaccess4_1063_XP[1].cab/egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\EGACCESS.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : No action taken.

HKU\S-1-5-21-3202095355-1377152729-1595993436-1006\Software\egdhtml -> Dialer.Generic : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\SFKHSNE7\SystemDoctor2006FreeInstall_fr[1].cab/USDR6V_0001_D08M1005NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@2o7[1].txt -> TrackingCookie.2o7 : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@advertising[1].txt -> TrackingCookie.Advertising : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@overture[2].txt -> TrackingCookie.Overture : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.

 

 

::Report end

 

 

Activescan:

 

Incident Statut Analyse

 

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\egaccess4_1063.dll

Dialer:dialer.b No Désinfecté hkey_current_user\software\egdhtml

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[2].txt

Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt

Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@xiti[1].txt

Dialer:Dialer.HGR No Désinfecté C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\0BCXMLQT\egaccess4_1063_XP[1].cab[egaccess4_1063.dll]

Hacktool:Hacktool/RegPatch.A No Désinfecté C:\Program Files\FileMaker\FileMaker Pro 7\Crack\filemakerprov7.0v1apatchfff.zip[Regpatch.exe]

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\EGACCESS.dll

Adware:Adware/NaviPromo No Désinfecté C:\WINDOWS\system32\HotTVPlayer.dll

Posted

Hello, control folders was blocked by the administrator, so I logged in as admin to do it. I did as you explained, and here are all the requested reports.

Hijack:

Logfile of HijackThis v1.99.1

Scan saved at 16:04:58, on 10/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enda.sn/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.vaio-link.com/vu.asp?l=fr&u=a&h=040C

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [wsfnth] c:\windows\system32\wsfnth.exe wsfnth

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/

O15 - Trusted Zone: *.sony-europe.com

O15 - Trusted Zone: *.sonystyle-europe.com

O15 - Trusted Zone: *.vaio-link.com

O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1063_XP.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll

O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe

O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

ewido:

 

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 14:49:24 10/07/2006

 

+ Scan result:

 

 

 

C:\Program Files\MGI\MGI PhotoSuite II\System\Randomize.dll -> Backdoor.Ralpha : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\Q3YJK9YN\egaccess4_1063_XP[1].cab/egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\EGACCESS.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : No action taken.

HKU\S-1-5-21-3202095355-1377152729-1595993436-1006\Software\egdhtml -> Dialer.Generic : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\SFKHSNE7\SystemDoctor2006FreeInstall_fr[1].cab/USDR6V_0001_D08M1005NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@2o7[1].txt -> TrackingCookie.2o7 : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@advertising[1].txt -> TrackingCookie.Advertising : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@overture[2].txt -> TrackingCookie.Overture : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.

 

 

::Report end

 

 

Activescan:

 

Incident Statut Analyse

 

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\egaccess4_1063.dll

Dialer:dialer.b No Désinfecté hkey_current_user\software\egdhtml

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[2].txt

Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt

Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@xiti[1].txt

Dialer:Dialer.HGR No Désinfecté C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\0BCXMLQT\egaccess4_1063_XP[1].cab[egaccess4_1063.dll]

Hacktool:Hacktool/RegPatch.A No Désinfecté C:\Program Files\FileMaker\FileMaker Pro 7\Crack\filemakerprov7.0v1apatchfff.zip[Regpatch.exe]

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\EGACCESS.dll

Adware:Adware/NaviPromo No Désinfecté C:\WINDOWS\system32\HotTVPlayer.dll

 


O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 

ewido:

 

ewido anti-spyware - Scan Report

---------------------------------------------------------

 

+ Created at: 14:49:24 10/07/2006

 

+ Scan result:

 

 

 

C:\Program Files\MGI\MGI PhotoSuite II\System\Randomize.dll -> Backdoor.Ralpha : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\Q3YJK9YN\egaccess4_1063_XP[1].cab/egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\EGACCESS.dll -> Dialer.EgroupDial.x : No action taken.

C:\WINDOWS\system32\egaccess4_1063.dll -> Dialer.EgroupDial.x : No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : No action taken.

HKU\S-1-5-21-3202095355-1377152729-1595993436-1006\Software\egdhtml -> Dialer.Generic : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\SFKHSNE7\SystemDoctor2006FreeInstall_fr[1].cab/USDR6V_0001_D08M1005NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@2o7[1].txt -> TrackingCookie.2o7 : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@advertising[1].txt -> TrackingCookie.Advertising : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@estat[1].txt -> TrackingCookie.Estat : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@overture[2].txt -> TrackingCookie.Overture : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Local Settings\Temp\Cookies\malick sy@weborama[1].txt -> TrackingCookie.Weborama : No action taken.

C:\Documents and Settings\Malick sy\Cookies\malick sy@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.

 

 

::Report end

 

 

Activescan:

 

Incident Statut Analyse

 

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\egaccess4_1063.dll

Dialer:dialer.b No Désinfecté hkey_current_user\software\egdhtml

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@doubleclick[2].txt

Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@mediaplex[1].txt

Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@stats1.reliablestats[1].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Malick sy\Cookies\malick sy@xiti[1].txt

Dialer:Dialer.HGR No Désinfecté C:\Documents and Settings\Malick sy\Local Settings\Temporary Internet Files\Content.IE5\0BCXMLQT\egaccess4_1063_XP[1].cab[egaccess4_1063.dll]

Hacktool:Hacktool/RegPatch.A No Désinfecté C:\Program Files\FileMaker\FileMaker Pro 7\Crack\filemakerprov7.0v1apatchfff.zip[Regpatch.exe]

Dialer:Dialer.HGR No Désinfecté C:\WINDOWS\system32\EGACCESS.dll

Adware:Adware/NaviPromo No Désinfecté C:\WINDOWS\system32\HotTVPlayer.dll

Guest Laurent_62
Posted

Whoa, there's been an echo..

If a moderator could do a bit of tidying up, I would be very grateful.

Thanks

In the meantime I'm analysing these reports.

Posted

Whoa, there's been an echo..

If a moderator could do a bit of tidying up, I would be very grateful.

Thanks

In the meantime I'm analysing these reports.

Uh-oh..... I'm really sorry. Moderator, help! Otherwise, all my apologies :P

Guest Laurent_62
Posted

In view of these reports, we will proceed in stages: first dealing with the visible Edgaccess infection, then cleaning up temporary or unneeded folders and files, and finally finishing with a few additional scans, in particular to check that there has been no "systemdoctor" or "winfixer" type infection.

If you come across an advertisement for these so-called security programs, under no circumstances should you download them or click on it.

You have two active antivirus programs, AntiVir and Avast.

Uninstall AntiVir as described in the pre-cleaning procedure.

Your report shows no active firewall. Please confirm this so we know whether it needs to be remedied, or whether you perhaps use a hardware firewall or another solution of that kind.

Download

ATF-Cleaner (Atribune): http://www.atribune.org/ccount/click.php?id=1

Brute Force Uninstaller (BFU) (by Merijn). http://www.merijn.org/files/bfu.zip

* Unzip it into a folder at the root of the system drive (c:\BFU)

EGDACCESS.bfu http://metallica.geekstogo.com/EGDACCESS.bfu (Metallica)

* Right-click this link, then choose Save As or Save Target As

* Save it in the same folder as BFU (c:\BFU)

- Restart your PC in Safe Mode. This is mandatory!!!

- Launch Brute Force Uninstaller by double-clicking BFU.exe

Under Scriptline to execute, copy and paste c:\bfu\EGDACCESS.bfu

Click Execute

/!\ If you saved the files in a different folder, you will need to enter the correct path /!\

- Wait for Complete script execution to appear, then click OK

Exit BFU

Run HijackThis again ("scanner seulement" or "do a system scan only")

Tick the boxes in front of these lines (if present)

 

O4 - HKLM\..\Run: [wsfnth] c:\windows\system32\wsfnth.exe wsfnth

O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1063_XP.cab

 

Click "fixer objet" or "fix checked"

Find and delete these files (if still present)

 

c:\windows\system32\wsfnth.exe

C:\WINDOWS\system32\EGACCESS.dll

 

 

Run ATF-Cleaner:

Tick the following:

* Windows Temp

* Current User Temp

* All Users Temp

* Cookies

* Temporary Internet Files

* Prefetch

* Java Cache

* Recycle Bin

 

Click Empty Selected, and at the "Done Cleaning" message click Ok

Restart in normal mode

Download F-Secure Blacklight (F-Secure): https://europe.f-secure.com/blacklight/try.shtml

A tutorial: http://www.malekal.com/tutorial_f-secure_BlackLight.html

- At the bottom, click I accept

- In the new window, click the Download button at the top of the table.

- Launch it by double-clicking the file blbeta.exe

- Accept the licence, then click Scan and then Next

- Post the report that was created on your desktop in the file fsbl-bxxxx.log (the xxxx are digits).

/!\ Do NOT choose the Rename option: we need to analyse the report, because legitimate files may be present, such as wbemtest.exe /!\

- Download SmitfraudFix (S!Ri) http://siri.urz.free.fr/Fix/SmitfraudFix.zip

* Unzip it onto your desktop

* Run smitfraudfix.cmd, choose option 1 and press Enter

/!\ Whatever you do, do not touch the other options for now /!\

* A report will be generated; save it

* Exit SmitfraudFix

/!\ process.exe is detected by some antivirus programs as a virus, which is of course not the case; it is a utility designed to terminate processes. /!\

Then post the reports

The SmitfraudFix report

The F-Secure Blacklight report

A new HijackThis log
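
One way to script the HijackThis check described in the post above, as an added example (not code from this thread or from HijackThis): it matches the two entries to fix by a stable key (the Run value name for O4, the CLSID for O16) rather than by full text, because the forum shortened the O16 URL with "...", and it compares a log taken before the fix with one taken after. The function names are hypothetical, BEFORE is a short excerpt modelled on the first log in this thread, and AFTER is a constructed sample, not the poster's actual result.

```python
from __future__ import annotations

import re
from typing import NamedTuple


class Entry(NamedTuple):
    code: str  # HijackThis section code, e.g. "O4", "O16", "O23"
    text: str  # everything after "<code> - "


ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_RE = re.compile(r"^(HK\w+)\\\.\.\\(\w+): \[([^\]]*)\]")


def parse_log(log: str) -> list[Entry]:
    """Keep only section entries; header and process-list lines are skipped."""
    entries = []
    for raw in log.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2).strip()))
    return entries


def entry_key(e: Entry) -> tuple[str, str]:
    """Identity that survives a shortened URL, a changed path or a case change."""
    if e.code in ("O2", "O3", "O16"):
        m = CLSID_RE.search(e.text)
        if m:
            return (e.code, m.group(0).upper())
    if e.code == "O4":
        m = RUN_RE.match(e.text)
        if m:
            hive, key, name = m.groups()
            return (e.code, "|".join((hive.upper(), key.lower(), name.lower())))
    # Fallback: whole line, lower-cased, whitespace collapsed.
    return (e.code, " ".join(e.text.lower().split()))


def check_targets(log: str, targets: list[str]) -> dict[str, bool]:
    """For each line to fix, report whether an equivalent entry is in the log."""
    present = {entry_key(e) for e in parse_log(log)}
    status = {}
    for line in targets:
        parsed = parse_log(line)
        if not parsed:
            raise ValueError(f"not a HijackThis entry: {line!r}")
        status[line] = entry_key(parsed[0]) in present
    return status


def diff_logs(before: str, after: str) -> tuple[list[str], list[str]]:
    """Entries that disappeared and entries that appeared between two scans."""
    b = {entry_key(e): e for e in parse_log(before)}
    a = {entry_key(e): e for e in parse_log(after)}
    removed = [f"{e.code} - {e.text}" for k, e in b.items() if k not in a]
    added = [f"{e.code} - {e.text}" for k, e in a.items() if k not in b]
    return removed, added


# The two lines the helper asked to tick, copied from the post above.
TARGETS = [
    r"O4 - HKLM\..\Run: [wsfnth] c:\windows\system32\wsfnth.exe wsfnth",
    r"O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1063_XP.cab",
]

# Excerpt modelled on the first log in this thread.
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE

O4 - HKLM\..\Run: [wsfnth] c:\windows\system32\wsfnth.exe wsfnth
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O16 - DPF: {0878F049-D33E-45E0-A157-C36A6683CF25} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1063_XP.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
"""

# Constructed sample: the O4 entry is gone, but the O16 entry is still there
# with a different URL rendering and a lower-case CLSID.
AFTER = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O16 - DPF: {0878f049-d33e-45e0-a157-c36a6683cf25} - http://example.invalid/placeholder.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
"""

if __name__ == "__main__":
    for line, still_there in check_targets(AFTER, TARGETS).items():
        print("STILL PRESENT" if still_there else "gone         ", line)
    removed, added = diff_logs(BEFORE, AFTER)
    print("removed:", *removed, sep="\n  ")
    print("added:", *added, sep="\n  ")
```

A plain text comparison would report the O16 entry in AFTER as a new line and the target as fixed; keying on the CLSID shows it is the same entry and still needs attention.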

Posted

Here are the reports:

smitfraudfix

 

SmitFraudFix v2.70

 

Rapport fait à 14:35:11,53, 13/07/2006

Executé à partir de C:\Documents and Settings\Malick sy\Bureau\SmitfraudFix

OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT

Fix executé en mode normal

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Malick sy\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\MALICK~1\Favoris

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

 

 

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

"Source"="About:Home"

"SubscribedURL"="About:Home"

"FriendlyName"="Ma page d'accueil"

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin

 

F-Secure Blacklight

 

07/13/06 14:25:53 [info]: BlackLight Engine 1.0.42 initialized

07/13/06 14:25:53 [info]: OS: 5.1 build 2600 (Service Pack 2)

07/13/06 14:25:53 [Note]: 7019 4

07/13/06 14:25:53 [Note]: 7005 0

07/13/06 14:25:57 [Note]: 7006 0

07/13/06 14:25:57 [Note]: 7011 1664

07/13/06 14:25:58 [Note]: 7026 0

07/13/06 14:25:58 [Note]: 7026 0

07/13/06 14:26:11 [Note]: FSRAW library version 1.7.1019

07/13/06 14:32:52 [Note]: 7007 0

hijackthis

 

Logfile of HijackThis v1.99.1

Scan saved at 14:45:23, on 13/07/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\WINDOWS\system32\ICO.EXE

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Apoint\Apoint.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe

C:\WINDOWS\System32\alg.exe

C:\Documents and Settings\Malick sy\Bureau\FOXMAIL FOLDER\Foxmail.exe

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enda.sn/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.vaio-link.com/vu.asp?l=fr&u=a&h=040C

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Systran40premi.IEPlugIn - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/

O15 - Trusted Zone: *.sony-europe.com

O15 - Trusted Zone: *.sonystyle-europe.com

O15 - Trusted Zone: *.vaio-link.com

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll

O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe

O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

 
