
Various infections, total slowdown

3 December 2007 15:15:21

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:10:20, on 03/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\TEMP\win69E4.tmp.exe
C:\WINDOWS\etMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\mgrs.exe
C:\WINDOWS\TEMP\win7240.tmp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.34.253:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {08274350-6355-400D-A6AB-6886546B44BF} - (no file)
O2 - BHO: (no name) - {2265ABA8-972A-43F6-A5CB-6F5929CA114B} - C:\WINDOWS\system32\vtsqq.dll
O2 - BHO: (no name) - {4C843307-E5C8-46D0-B1F5-4E8965BB1F7B} - (no file)
O2 - BHO: (no name) - {60335418-717F-462C-AB4E-ED4BB8C3121B} - C:\DOCUME~1\prof\LOCALS~1\Temp\awtqn.dll
O2 - BHO: (no name) - {6BDC7929-5BE8-410A-8DBB-EC491808AC93} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8917FAA3-E9B3-4F28-983D-4E8E08C07C14} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {ADED436B-AEE8-48F1-8C62-5642707FAA53} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {C2D34762-EEE3-4E28-891E-39169DEF4878} - C:\WINDOWS\system32\fwuhybta.dll
O2 - BHO: (no name) - {D1B9DE0F-4C62-496C-81EC-B03862BFB84b} - C:\WINDOWS\system32\fwuhybta.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [{88BE20BD-09DF-1036-1013-0510021}] "C:\Program Files\Fichiers communs\{88BE20BD-09DF-1036-1013-0510021}\Update.exe" mc-110-12-0000272
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\win69E4.tmp.exe
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvjec.dll,startup
O4 - HKLM\..\Run: [tehgnghe] rundll32.exe "C:\Program Files\tehgnghe\dwjunars.dll",Init
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
O17 - HKLM\Software\..\Telephony: DomainName = 220023f.ac-rennes.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
O20 - Winlogon Notify: instcat - instcat.dll (file missing)
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O20 - Winlogon Notify: winulg32 - C:\WINDOWS\SYSTEM32\winulg32.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\hyceswys.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe

--
End of file - 8460 bytes

3 December 2007 18:16:46

A hello? An explanation?
4 December 2007 09:16:32

Hello

I have a computer that is crawling completely
I ran an online scan with Trend Micro, but it does not work with Kaspersky either

I would like a little help, please, if possible

Thanks in advance

I am posting a new HijackThis log

See you later

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:12:52, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\TEMP\win7240.tmp.exe
C:\WINDOWS\etMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\mgrs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.34.253:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {08274350-6355-400D-A6AB-6886546B44BF} - (no file)
O2 - BHO: {ac760d9d-0230-03da-39d4-cbc88a1b47d0} - {0d74b1a8-8cbc-4d93-ad30-0320d9d067ca} - C:\WINDOWS\system32\oprxdosb.dll
O2 - BHO: (no name) - {2265ABA8-972A-43F6-A5CB-6F5929CA114B} - C:\WINDOWS\system32\vtsqq.dll (file missing)
O2 - BHO: (no name) - {2C6A052E-5AC0-486F-ACB9-F4CD30A8A22D} - C:\DOCUME~1\prof\LOCALS~1\Temp\awtqn.dll
O2 - BHO: (no name) - {4C843307-E5C8-46D0-B1F5-4E8965BB1F7B} - (no file)
O2 - BHO: (no name) - {6BDC7929-5BE8-410A-8DBB-EC491808AC93} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8917FAA3-E9B3-4F28-983D-4E8E08C07C14} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {ADED436B-AEE8-48F1-8C62-5642707FAA53} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {C2D34762-EEE3-4E28-891E-39169DEF4878} - C:\WINDOWS\system32\fwuhybta.dll
O2 - BHO: (no name) - {D1B9DE0F-4C62-496C-81EC-B03862BFB84b} - C:\WINDOWS\system32\fwuhybta.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [{88BE20BD-09DF-1036-1013-0510021}] "C:\Program Files\Fichiers communs\{88BE20BD-09DF-1036-1013-0510021}\Update.exe" mc-110-12-0000272
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\win7240.tmp.exe
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvjec.dll,startup
O4 - HKLM\..\Run: [tehgnghe] rundll32.exe "C:\Program Files\tehgnghe\dwjunars.dll",Init
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
O17 - HKLM\Software\..\Telephony: DomainName = 220023f.ac-rennes.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0037FAD.dat
O20 - Winlogon Notify: instcat - instcat.dll (file missing)
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll (file missing)
O20 - Winlogon Notify: winulg32 - C:\WINDOWS\SYSTEM32\winulg32.dll
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\hyceswys.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe

--
End of file - 8657 bytes


Have a nice day

4 December 2007 11:33:34

Hello again, up, thanks ;-)
4 December 2007 12:02:12

Hi again,

  • Download combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt
    7 December 2007 10:05:07

    Hello, here is my report
    Thanks, angel dark

    ComboFix 07-12-07.3 - adme013 2007-12-07 9:42:37.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.648 [GMT 1:00]
    Running from: C:\Documents and Settings\adme013\Bureau\ComboFix.exe
    * Created a new restore point
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\check_LSA7.txt
    C:\Program Files\ipwindows
    C:\Program Files\tehgnghe
    C:\Program Files\tehgnghe\dwjunars.dll
    C:\Program Files\vsadd-in
    C:\Program Files\ymante~1
    C:\Program Files\ymante~1\?ymantec\
    C:\Program Files\ymante~1\dvdplay.exe
    C:\Program Files\ystem3~1
    C:\temp\tn3
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\fnts~1
    C:\WINDOWS\mgrs.exe
    C:\WINDOWS\system32\__c003F9EF.dat
    C:\WINDOWS\system32\__c007414.dat
    C:\WINDOWS\system32\dboyggio.dll
    C:\WINDOWS\system32\disjdwut.dll
    C:\WINDOWS\system32\drivers\core.cache.dsk
    C:\WINDOWS\system32\drivers\core.sys
    C:\WINDOWS\system32\fwuhybta.dll
    C:\WINDOWS\system32\glwpbpau.dll
    C:\WINDOWS\system32\hkpudhje.dll
    C:\WINDOWS\system32\jvytvaar.dll
    C:\WINDOWS\system32\ktmhorft.dll
    C:\WINDOWS\system32\lqhwcfly.dll
    C:\WINDOWS\system32\mdncmaap.dll
    C:\WINDOWS\system32\oprxdosb.dll
    C:\WINDOWS\system32\qakbdykw.dll
    C:\WINDOWS\system32\qqstv.bak1
    C:\WINDOWS\system32\qqstv.bak2
    C:\WINDOWS\system32\qqstv.ini
    C:\WINDOWS\system32\raavtyvj.ini
    C:\WINDOWS\system32\rhxekryr.dll
    C:\WINDOWS\system32\ryrkexhr.ini
    C:\WINDOWS\system32\tuwdjsid.ini
    C:\WINDOWS\system32\uapbpwlg.ini
    C:\WINDOWS\system32\unsvchosts.lzma
    C:\WINDOWS\system32\ursrsro.dll
    C:\WINDOWS\system32\winulg32.dll
    C:\WINDOWS\wr.txt

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_CORE
    -------\LEGACY_DOMAINSERVICE
    -------\LEGACY_NPF
    -------\core
    -------\DomainService


    ((((((((((((((((((((((((((((( Fichiers créés 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))))))))
    .

    2007-12-06 09:11 . 2007-12-06 09:11 <REP> d-------- C:\WINDOWS\report
    2007-12-06 09:10 . 2007-12-06 09:10 <REP> d-------- C:\WINDOWS\AU_Backup
    2007-12-06 09:10 . 2007-12-06 09:10 39,886,277 --a------ C:\WINDOWS\LPT$VPN.865
    2007-12-06 09:10 . 2007-12-06 09:10 1,902,547 --a------ C:\WINDOWS\tsc.ptn
    2007-12-06 09:10 . 2007-12-06 09:10 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
    2007-12-06 09:10 . 2007-12-06 09:10 267,845 --a------ C:\WINDOWS\tsc.exe
    2007-12-06 09:10 . 2007-12-06 09:10 86,094 --a------ C:\WINDOWS\BPMNT.dll
    2007-12-06 09:10 . 2007-12-06 09:10 71,749 --a------ C:\WINDOWS\hcextoutput.dll
    2007-12-06 09:10 . 2007-12-06 09:55 823 --a------ C:\WINDOWS\tsc.ini
    2007-12-06 09:09 . 2007-12-06 09:10 <REP> d-------- C:\WINDOWS\AU_Temp
    2007-12-06 09:09 . 2007-12-06 09:09 <REP> d-------- C:\WINDOWS\AU_Log
    2007-12-06 09:09 . 2007-12-06 09:10 39,886,277 --a------ C:\WINDOWS\VPTNFILE.865
    2007-12-06 09:09 . 2007-12-06 09:09 170 --a------ C:\WINDOWS\GetServer.ini
    2007-12-06 09:08 . 2007-12-06 09:08 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
    2007-12-06 09:08 . 2007-12-06 09:08 286,720 --a------ C:\WINDOWS\PATCH.EXE
    2007-12-06 09:08 . 2007-12-06 09:08 69,689 --a------ C:\WINDOWS\UNZIP.DLL
    2007-12-05 22:42 . 2007-12-05 22:42 74,304 --a------ C:\WINDOWS\system32\qojsccpn.exe
    2007-12-04 10:43 . 2007-12-04 10:50 791,938 ---hs---- C:\WINDOWS\system32\dtdimtib.ini
    2007-12-04 09:49 . 2007-12-04 09:49 0 --a------ C:\Install
    2007-12-04 09:46 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2007-12-04 09:46 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2007-12-04 09:46 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2007-12-04 09:46 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2007-12-04 09:46 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2007-12-04 09:24 . 2007-12-04 11:21 <REP> d-------- C:\Program Files\Panda Security
    2007-12-04 08:38 . 2007-12-04 09:07 2,405,102 ---hs---- C:\WINDOWS\system32\utoirnfn.ini
    2007-12-03 15:09 . 2007-12-03 15:09 <REP> d-------- C:\Program Files\Trend Micro
    2007-12-03 14:52 . 2007-12-04 09:04 <REP> d-------- C:\Documents and Settings\adme013\.housecall6.6
    2007-12-03 11:28 . 2005-10-14 14:50 147,456 --a------ C:\WINDOWS\system32\igfxres.dll
    2007-12-03 10:53 . 2007-12-03 10:53 <REP> d-------- C:\Program Files\MSXML 6.0
    2007-12-03 10:51 . 2007-12-03 10:51 <REP> d-------- C:\Program Files\MSBuild
    2007-12-03 10:46 . 2007-12-04 10:42 <REP> d-------- C:\WINDOWS\system32\XPSViewer
    2007-12-03 10:45 . 2007-12-03 10:45 <REP> d-------- C:\Program Files\Reference Assemblies
    2007-12-03 10:44 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
    2007-12-03 10:26 . 2007-12-03 10:26 <REP> d-------- C:\Documents and Settings\prigent5\Mes documents
    2007-12-03 07:48 . 2007-12-03 07:48 <REP> d-------- C:\Documents and Settings\terrie1\Mes documents
    2007-11-23 08:14 . 2007-12-03 11:31 2,335,790 ---hs---- C:\WINDOWS\system32\rkionayo.ini
    2007-11-21 20:14 . 2007-11-21 20:14 982,736 ---hs---- C:\WINDOWS\system32\kvyiiyln.ini
    2007-11-14 19:45 . 2007-11-21 08:22 913,184 ---hs---- C:\WINDOWS\system32\wjnyfcmy.ini
    2007-11-08 15:22 . 2004-08-04 00:55 91,648 --a------ C:\WINDOWS\system32\kswdmcap.ax
    2007-11-08 15:22 . 2004-08-04 00:55 91,648 --a--c--- C:\WINDOWS\system32\dllcache\kswdmcap.ax
    2007-11-08 15:22 . 2004-08-04 00:55 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax
    2007-11-08 15:22 . 2004-08-04 00:55 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax
    2007-11-08 15:22 . 2004-08-04 00:54 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
    2007-11-08 15:22 . 2004-08-04 00:54 54,784 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
    2007-11-08 15:22 . 2004-08-04 00:55 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax
    2007-11-08 15:22 . 2004-08-04 00:55 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax
    2007-11-08 15:22 . 2004-08-04 00:55 28,672 --a------ C:\WINDOWS\system32\vidcap.ax
    2007-11-08 15:22 . 2004-08-04 00:55 28,672 --a--c--- C:\WINDOWS\system32\dllcache\vidcap.ax
    2007-11-08 15:06 . 2007-11-08 15:06 <REP> d-------- C:\Program Files\Optika Vision
    2007-11-08 15:06 . 2007-11-08 15:06 <REP> d-------- C:\Program Files\Noël Danjou
    2007-11-08 15:06 . 2007-11-08 15:06 <REP> d-------- C:\Program Files\ETUSB2.0
    2007-11-08 15:06 . 2007-11-08 15:06 <REP> d-------- C:\Program Files\eMPIA-ET

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-07 08:38 --------- d-----w C:\Documents and Settings\adme013\Application Data\OpenOffice.org2
    2007-12-04 10:25 --------- d-----w C:\Program Files\Hijackthis Version Française
    2007-12-04 10:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-12-04 10:24 --------- d-----w C:\Program Files\CyberLink DVD Solution
    2007-11-30 09:03 --------- d-----w C:\Documents and Settings\prof\Application Data\OpenOffice.org2
    2007-11-27 13:26 --------- d-----w C:\Documents and Settings\prof\Application Data\Canon
    2007-11-22 10:26 --------- d-----w C:\Documents and Settings\prof\Application Data\HP
    2007-11-12 14:30 --------- d-----w C:\Documents and Settings\prof\Application Data\U3
    2007-11-12 11:31 --------- d-----w C:\Documents and Settings\prof\Application Data\Image Zone Express
    2007-11-08 14:06 --------- d-----w C:\Program Files\Noël Danjou
    2007-10-26 06:07 --------- d-----w C:\Documents and Settings\prof\Application Data\ArcSoft
    2007-10-24 08:29 19,520 ----a-w C:\Documents and Settings\prof\Application Data\__c004480E.dat
    2007-10-22 15:41 --------- d-----w C:\Documents and Settings\adme013\Application Data\Canon
    2007-10-22 13:46 --------- d-----w C:\Documents and Settings\adme013\Application Data\HP
    2007-10-18 08:09 --------- d-----w C:\Documents and Settings\prof\Application Data\Printer Info Cache
    2007-10-16 14:10 --------- d-----w C:\Program Files\ClamWin
    2007-10-12 14:39 --------- d-----w C:\Program Files\ArcSoft
    2007-10-12 14:38 --------- d-----w C:\Program Files\Canon
    2007-10-12 13:53 --------- d-----w C:\Program Files\HP
    2007-10-12 13:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
    2007-10-12 13:52 --------- d-----w C:\Program Files\Fichiers communs\HP
    2007-10-12 13:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2007-10-12 13:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
    2004-10-01 14:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2265ABA8-972A-43F6-A5CB-6F5929CA114B}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4C843307-E5C8-46D0-B1F5-4E8965BB1F7B}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6BDC7929-5BE8-410A-8DBB-EC491808AC93}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8917FAA3-E9B3-4F28-983D-4E8E08C07C14}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ADED436B-AEE8-48F1-8C62-5642707FAA53}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C9C769D7-017C-4F9D-B606-C0334EAC26EF}]
    C:\DOCUME~1\prof\LOCALS~1\Temp\awtqn.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-18 14:11]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-05-09 16:06]
    "PMXInit"="C:\WINDOWS\system32\pmxinit.exe" [2001-09-04 00:00]
    "{88BE20BD-09DF-1036-1013-0510021}"="C:\Program Files\Fichiers communs\{88BE20BD-09DF-1036-1013-0510021}\Update.exe" []
    "ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe" [2007-08-21 20:05]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 20:52]
    "etMonitor"="C:\WINDOWS\etMon.exe" [2005-10-11 17:57]
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-14 14:49]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-14 14:46]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-10-14 14:50]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "RunLogonScriptSync"= 1 (0x1)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoViewOnDrive"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    C:\Program Files\Ahead\InCD\InCD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    2003-12-08 17:35 32768 --a------ C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

    R2 HPSLPSVC;HP Network Devices Support;C:\WINDOWS\system32\svchost.exe -k HPService
    R3 powervr;powervr;C:\WINDOWS\system32\DRIVERS\powervr.sys
    S3 2cdfd3ba-6ea9-4c83-9251-272bf8b831f0;2cdfd3ba-6ea9-4c83-9251-272bf8b831f0;\??\D:\Player\cds300.dll
    S3 7bf552a9-582c-426e-a0c3-298d9efdfc9f;7bf552a9-582c-426e-a0c3-298d9efdfc9f;\??\E:\Player\cds300.dll
    S3 AIDA32Driver;AIDA32Driver;\??\C:\Program Files\AIDA32 - Enterprise System Information\aida32.sys
    S3 DCamUSBET;DCM130 USB2.0 CAMERA ;C:\WINDOWS\system32\DRIVERS\etDevice.sys
    S3 FiltUSBET;DCM USB Device Lower Filter;C:\WINDOWS\system32\DRIVERS\etFilter.sys
    S3 ScanUSBET;DCM USB Still Image Capture Device;C:\WINDOWS\system32\DRIVERS\etScan.sys

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    HPService REG_MULTI_SZ HPSLPSVC
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    \Shell\AutoRun\command - E:\LaunchU3.exe -a

    .
    **************************************************************************

    catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-07 09:48:37
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-07 9:50:17 - machine was rebooted
    C:\ComboFix2.txt ... 2006-12-07 12:24
    .
    --- E O F ---
    7 December 2007 13:05:33

    Post a new HijackThis report.
    7 December 2007 13:22:50

    Hi again
    Here is my HijackThis report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:17:11, on 07/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\ClamWin\bin\ClamTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\etMon.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.34.253:3128
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {2265ABA8-972A-43F6-A5CB-6F5929CA114B} - (no file)
    O2 - BHO: (no name) - {4C843307-E5C8-46D0-B1F5-4E8965BB1F7B} - (no file)
    O2 - BHO: (no name) - {6BDC7929-5BE8-410A-8DBB-EC491808AC93} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {8917FAA3-E9B3-4F28-983D-4E8E08C07C14} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: (no name) - {ADED436B-AEE8-48F1-8C62-5642707FAA53} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: (no name) - {C9C769D7-017C-4F9D-B606-C0334EAC26EF} - C:\DOCUME~1\prof\LOCALS~1\Temp\awtqn.dll (file missing)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
    O4 - HKLM\..\Run: [{88BE20BD-09DF-1036-1013-0510021}] "C:\Program Files\Fichiers communs\{88BE20BD-09DF-1036-1013-0510021}\Update.exe" mc-110-12-0000272
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
    O17 - HKLM\Software\..\Telephony: DomainName = 220023f.ac-rennes.fr
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe

    --
    End of file - 7311 bytes


    thanks
    see you
    7 December 2007 13:31:41

    Hi again,

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    O2 - BHO: (no name) - {2265ABA8-972A-43F6-A5CB-6F5929CA114B} - (no file)
    O2 - BHO: (no name) - {4C843307-E5C8-46D0-B1F5-4E8965BB1F7B} - (no file)
    O2 - BHO: (no name) - {6BDC7929-5BE8-410A-8DBB-EC491808AC93} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {8917FAA3-E9B3-4F28-983D-4E8E08C07C14} - (no file)
    O2 - BHO: (no name) - {ADED436B-AEE8-48F1-8C62-5642707FAA53} - (no file)
    O2 - BHO: (no name) - {C9C769D7-017C-4F9D-B606-C0334EAC26EF} - C:\DOCUME~1\prof\LOCALS~1\Temp\awtqn.dll (file missing)
    O4 - HKLM\..\Run: [{88BE20BD-09DF-1036-1013-0510021}] "C:\Program Files\Fichiers communs\{88BE20BD-09DF-1036-1013-0510021}\Update.exe" mc-110-12-0000272


    Post a new HijackThis report.
    7 December 2007 15:19:41

    Hi again,
    here is my new hijack report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:16:15, on 07/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\ClamWin\bin\ClamTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\etMon.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.34.253:3128
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
    O17 - HKLM\Software\..\Telephony: DomainName = 220023f.ac-rennes.fr
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = 220023f.ac-rennes.fr
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe

    --
    End of file - 6591 bytes



    thanks, see you
    7 December 2007 17:47:51

    Better?
    10 December 2007 16:58:30

    hello

    it's much better
    the spam and fake antispam seem to be gone

    thank you for your valuable help

    to be seen over the long term

    see you soon

    thanks