Your question

HijackThis report to see whether I have anything

9 December 2006 12:04:56

Hello, is it possible to check my report? I don't want to have any little bugs on my computer lol

thanks

Logfile of HijackThis v1.99.1-
Scan saved at 11:51:24, on 9/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\msiexec.exe
C:\PROGRA~1\Yahoo!\Common\unyt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ACD Systems\ACDSee\6.0\ACDSee6.exe
C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ogame.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll (file missing)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\System32\Utility.exe \1008
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] "C:\Program Files\AGEIA Technologies\TrayIcon.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scann...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O17 - HKLM\System\CCS\Services\Tcpip\..\{88FE243E-25A8-44EA-B225-D609041F6A6D}: NameServer = 85.255.115.236,85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\..\{8EE3D44D-46EA-4D63-9FEB-E6DD2EBFDE8F}: NameServer = 85.255.115.236 85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\..\{C225EA0D-20D5-4CDF-BAC6-7DDDE2F2AE01}: NameServer = 85.255.115.236,85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6F3C3D3-7A0E-493F-BFF0-8F3423C00AFF}: NameServer = 85.255.115.236,85.255.112.186
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.236 85.255.112.186
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.236 85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.236 85.255.112.186
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


9 December 2006 12:08:26

Hi, I have no idea how to help you, but I'd like to know if you could tell me how you do this thing (the whole list), because I have spyware on my computer and I'd like to get rid of it... thanks ;)
9 December 2006 12:10:06

With a program, HijackThis: you search for it on this site and you'll find it, then you run it and copy and paste the report.
9 December 2006 12:11:09

ok, thanks a lot!!
good luck to you!! :)
9 December 2006 13:44:11

up^^
9 December 2006 15:40:34

reup :( 
9 December 2006 15:43:45

Hello,

Print these instructions if necessary, because the computer will be restarted.

Download FixWareout from one of these two sites to your desktop:
Link no. 1
Link no. 2

Run the fix: click Next, then Install, then make sure "Run fixit" is checked, then click Finish.
The fix will start; follow the on-screen messages. You will be asked to restart your computer; do so. Your system will take a little longer to start up, which is normal.

Once your system has restarted, follow the prompts. Then launch HijackThis. Click Do a System Only, then check the following lines:

O2 - BHO: (no name) - {03733AEC-1A45-E742-4F5D-9544EFE63FE9} - (no file)
O2 - BHO: (no name) - {04A2CA19-69CB-6234-29E3-85CCFE6F5405} - (no file)
O2 - BHO: (no name) - {0654286F-861C-D256-AA45-D626029CD074} - (no file)
O2 - BHO: (no name) - {089ABD91-26C6-7AA0-2AB0-C46C5C3AF77F} - (no file)
O2 - BHO: (no name) - {0AC5D5FC-CDEA-D4D6-2A99-1B6A091210B5} - (no file)
O2 - BHO: (no name) - {0ADEDB63-B002-AD03-B35E-50A7032C9436} - (no file)
O2 - BHO: (no name) - {0E94A448-F010-22AC-4627-6BCC175C147B} - (no file)
O2 - BHO: (no name) - {0F97ADD7-AD8D-6BF8-1F9C-07FA16D0FFA3} - (no file)
O2 - BHO: (no name) - {10FEB7E7-4A2D-6D1F-3B9F-8F9FEE32D825} - (no file)
O2 - BHO: (no name) - {12899B2B-DA72-DAA3-33E7-18D55F24E119} - (no file)
O2 - BHO: (no name) - {137FBD76-C94E-29D8-CB88-FB29E07E3C8E} - (no file)
O2 - BHO: (no name) - {153AF5DA-EFD3-6F8C-0B4C-4FB02091E83D} - (no file)
O2 - BHO: (no name) - {16BD821E-5751-423E-4850-6CC5D07FECD8} - (no file)
O2 - BHO: (no name) - {197A8D26-DFA5-F761-1F4B-4A8703447597} - (no file)
O2 - BHO: (no name) - {1A478816-E063-0971-D763-1BABBFD87872} - (no file)
O2 - BHO: (no name) - {1BD58A3D-D84D-3006-CA07-81714822BEDB} - (no file)
O2 - BHO: (no name) - {1BF1DFBE-EFEE-094D-4B4A-A1B0633959B8} - (no file)
O2 - BHO: (no name) - {1EA1894C-86D6-8970-CC33-F7AD038B13C4} - (no file)
O2 - BHO: (no name) - {1EC115CF-1A9E-A037-A1A3-661E0F314632} - (no file)
O2 - BHO: (no name) - {229D2295-EABB-729C-CF01-0FEA1A13D1A2} - (no file)
O2 - BHO: (no name) - {2344D7E7-CE38-897A-FF8F-1D623F27EA1C} - (no file)
O2 - BHO: (no name) - {2536C943-1153-AD4C-300A-B4B7FF0DA8BA} - (no file)
O2 - BHO: (no name) - {29EF042A-706D-0056-6884-957B324286BA} - (no file)
O2 - BHO: (no name) - {2B2B2C0A-8F1B-89F0-6D9F-8F53718E5709} - (no file)
O2 - BHO: (no name) - {2C0AA1C9-EAD1-6D31-F171-F004D9CAEAF3} - (no file)
O2 - BHO: (no name) - {2C3AC6BD-184A-72AA-AA76-FD625963E408} - (no file)
O2 - BHO: (no name) - {2D9FBBF6-B32B-BF80-0139-69FF4513F4FE} - (no file)
O2 - BHO: (no name) - {2ECE8A5F-7B88-0E3A-7B26-178AA424B2CF} - (no file)
O2 - BHO: (no name) - {2FC63E7D-B1AD-A15E-08BB-3F44B89C3C38} - (no file)
O2 - BHO: (no name) - {30CF258B-877E-D68F-75DB-04254FA4477D} - (no file)
O2 - BHO: (no name) - {36FD485F-4C65-E8D5-204F-7B909FA681D2} - (no file)
O2 - BHO: (no name) - {3BAC722D-3B91-92A8-0FE9-3C20566A242D} - (no file)
O2 - BHO: (no name) - {3C690BC2-7682-8F6C-CC10-E64826571544} - (no file)
O2 - BHO: (no name) - {41DD2595-D499-DD4F-B411-6E2F986521EA} - (no file)
O2 - BHO: (no name) - {41F19720-1BDB-49B4-8199-77C3C47E4D01} - (no file)
O2 - BHO: (no name) - {44B14A5D-EF05-8A73-645F-321A1D3DA204} - (no file)
O2 - BHO: (no name) - {44E48825-9CDA-8A48-8D27-1A169942AC4E} - (no file)
O2 - BHO: (no name) - {450A0139-EE98-149B-D4CA-65522E7424A7} - (no file)
O2 - BHO: (no name) - {45BE5D9D-A13A-9FA6-68C3-7E04D9D89E5B} - (no file)
O2 - BHO: (no name) - {4855AACF-1F8F-710E-EFAF-19B0F8EE4D1C} - (no file)
O2 - BHO: (no name) - {4CF3F22B-5DA9-5DE0-5DEB-EE4100912572} - (no file)
O2 - BHO: (no name) - {4D0ED6BF-D64D-884B-351B-E924C175C0E1} - (no file)
O2 - BHO: (no name) - {4EC009E1-A0FC-D8EC-3236-F2F50D9D6FD3} - (no file)
O2 - BHO: (no name) - {4EDC72D6-1677-BA8E-A3E9-F6CD337060DB} - (no file)
O2 - BHO: (no name) - {4FD3C147-41DE-1F3D-33EC-2D9B34788A22} - (no file)
O2 - BHO: (no name) - {507C083A-E88D-27DA-C5FD-F626D1AF475A} - (no file)
O2 - BHO: (no name) - {57D786B2-F19C-B77F-7E6B-D102D52C94FD} - (no file)
O2 - BHO: (no name) - {58A38705-CB9F-7B61-F5FA-A70899B04378} - (no file)
O2 - BHO: (no name) - {5AE87369-A8F4-B1D6-ED81-BB42DB32D81B} - (no file)
O2 - BHO: (no name) - {610207BA-E8D7-9260-B756-291184C1BFB4} - (no file)
O2 - BHO: (no name) - {62ADEB62-FF97-1F48-A5D0-543177178FB0} - (no file)
O2 - BHO: (no name) - {68EDD3F4-E8AE-FD59-74FA-262316976262} - (no file)
O2 - BHO: (no name) - {6A3DED5F-EAD0-BCC5-FEE2-722A35C44A8C} - (no file)
O2 - BHO: (no name) - {6A71EC6C-B4CA-3F01-A0DA-FA3F7B759912} - (no file)
O2 - BHO: (no name) - {6E904118-91B8-3F31-2ED7-1F02C7E6CF6E} - (no file)
O2 - BHO: (no name) - {6FCBBEF2-5ADB-ECE5-F01E-7664EE3BE486} - (no file)
O2 - BHO: (no name) - {7115B539-BB04-24CC-2B23-6827E7FC740F} - (no file)
O2 - BHO: (no name) - {76558A55-90AE-81AD-3B53-B36989DABBC7} - (no file)
O2 - BHO: (no name) - {77D6A3EB-35E9-C062-5ADD-F1EC137D83E6} - (no file)
O2 - BHO: (no name) - {7970E706-D02D-A73A-7C76-6016BB2C1460} - (no file)
O2 - BHO: (no name) - {7D04D26C-C5D0-B880-1491-9D484DA65FEC} - (no file)
O2 - BHO: (no name) - {7E2B26C6-E6A8-572A-26C8-F00ACBFAF0DA} - (no file)
O2 - BHO: (no name) - {7E2E424C-CA3E-2380-8EDE-6E1143E54FD8} - (no file)
O2 - BHO: (no name) - {8431D630-BFFA-E427-E86A-AD42E33BE040} - (no file)
O2 - BHO: (no name) - {8674F6CD-EB6E-CD07-FBE1-506F82436CC8} - (no file)
O2 - BHO: (no name) - {89ADEF4E-3F32-427D-B343-75CD9B63CFF6} - (no file)
O2 - BHO: (no name) - {8F3008A1-7126-63E7-0B58-6CB6D22878A1} - (no file)
O2 - BHO: (no name) - {908769E2-4A81-1229-AF77-095E926EDFCB} - (no file)
O2 - BHO: (no name) - {9125713D-ABCD-6F47-1A15-550E5B5622AF} - (no file)
O2 - BHO: (no name) - {9283B90B-6824-9F8C-CDEE-A26195750B35} - (no file)
O2 - BHO: (no name) - {93587622-0E15-2933-A432-4FC8AFF51981} - (no file)
O2 - BHO: (no name) - {93708BF8-2057-AA22-138B-2C7F00B78D7B} - (no file)
O2 - BHO: (no name) - {943544B1-5A24-1DF9-55CE-89DC02154188} - (no file)
O2 - BHO: (no name) - {95B60120-83F3-6EE8-F150-763CFEC0137D} - (no file)
O2 - BHO: (no name) - {972C70DC-3F58-38DC-719C-265704EEF8A0} - (no file)
O2 - BHO: (no name) - {9AC37E11-63C7-D3E6-8EAE-1319DCCFBDC1} - (no file)
O2 - BHO: (no name) - {9DB2564C-B368-0DA1-BB00-6F46F0DD9CD2} - (no file)
O2 - BHO: (no name) - {9FDEC173-21F7-980A-124F-9D55C74F77FE} - (no file)
O2 - BHO: (no name) - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - (no file)
O2 - BHO: (no name) - {A3C660FF-DEAB-ECF0-02FE-C8DC9874C708} - (no file)
O2 - BHO: (no name) - {A493684E-9B4F-2C08-E3D3-1677B7786D2B} - (no file)
O2 - BHO: (no name) - {A5173620-80DD-1801-61F5-64E05A1BC94E} - (no file)
O2 - BHO: (no name) - {A5D041F1-3116-D1DA-4877-515DA73CA3B5} - (no file)
O2 - BHO: (no name) - {A5F02AA1-E33B-02E2-EE38-6C66F5363B53} - (no file)
O2 - BHO: (no name) - {A7463545-A0D8-73A1-95B5-1803A21D325B} - (no file)
O2 - BHO: (no name) - {A77FEE92-1430-913D-80DE-70C0D45457FE} - (no file)
O2 - BHO: (no name) - {A9C2FD6D-46F4-42AA-9928-C3DEE310A934} - (no file)
O2 - BHO: (no name) - {AA3DFBA3-794F-4010-B3F3-C48392777851} - (no file)
O2 - BHO: (no name) - {AAEAF0EF-4CCD-6801-830D-30AC3AB7C39B} - (no file)
O2 - BHO: (no name) - {AEF31B04-E4D2-E8D3-9366-37404CC10854} - (no file)
O2 - BHO: (no name) - {AF451484-05EA-655A-4EE7-4B4F9A677388} - (no file)
O2 - BHO: (no name) - {B04ECF18-A7FE-A8BD-02D3-D4A77E6732EF} - (no file)
O2 - BHO: (no name) - {B1C3A465-BE37-C89D-C0DE-5220C1228514} - (no file)
O2 - BHO: (no name) - {B4A89AC1-01DB-2590-AA18-58102CF0CE73} - (no file)
O2 - BHO: (no name) - {B6EFF8ED-FE91-D486-61D0-EF55DD5220AC} - (no file)
O2 - BHO: (no name) - {B86BEFD1-FD7B-BF76-1007-90B9084541C0} - (no file)
O2 - BHO: (no name) - {BD6D3515-13C8-89DB-38D3-4630B615B324} - (no file)
O2 - BHO: (no name) - {C0B6C5F3-C5FC-DCC2-FD6D-1F16A65205BA} - (no file)
O2 - BHO: (no name) - {C17630F0-44D4-91C7-ECCD-5C43EB80D769} - (no file)
O2 - BHO: (no name) - {C1A41FA6-75A9-208D-8DC5-1020AE6270B6} - (no file)
O2 - BHO: (no name) - {C69B1F3A-4663-8432-FEB2-965058C8B817} - (no file)
O2 - BHO: (no name) - {D40716D3-6A48-428B-C2E2-B255F3EB8167} - (no file)
O2 - BHO: (no name) - {D544B225-4B6F-E902-1009-572A992C0C2D} - (no file)
O2 - BHO: (no name) - {D82EE588-4BCA-D64F-594D-C86A9AAE64BF} - (no file)
O2 - BHO: (no name) - {D83E8454-F737-08C7-6BBB-9567C0B82257} - (no file)
O2 - BHO: (no name) - {DABFF8C3-DF48-F11C-290D-D7CD732B35CC} - (no file)
O2 - BHO: (no name) - {DD044C97-E237-CDA4-B4E1-F2933683BE38} - (no file)
O2 - BHO: (no name) - {E235E7F2-50B6-8BB5-7373-BEF349F0423C} - (no file)
O2 - BHO: (no name) - {E2EFAFF5-340E-A0DE-D25A-7AF4C9F82536} - (no file)
O2 - BHO: (no name) - {E3A394DC-5804-B13F-0871-B5BBEB258C5E} - (no file)
O2 - BHO: (no name) - {E4619879-B07F-005E-F203-9FEE8EA8D4A8} - (no file)
O2 - BHO: (no name) - {E5AEC6A2-E0DA-BCCF-46E8-C8D57F1BAB09} - (no file)
O2 - BHO: (no name) - {E744D294-2AA6-B5FC-A3C2-48601F4CDCDD} - (no file)
O2 - BHO: (no name) - {EAB92D78-0DD3-8A5E-CA0A-36AA7566EC41} - (no file)
O2 - BHO: (no name) - {EDA47566-FF22-C6CB-022E-9E5BA4649C49} - (no file)
O2 - BHO: (no name) - {EE2A819A-7B6D-3396-6030-52CEC509153A} - (no file)
O2 - BHO: (no name) - {EE5C5E5D-1391-F15D-C214-27CF50897C22} - (no file)
O2 - BHO: (no name) - {EE7D83AF-7B9D-6B09-3E59-713C735C30F9} - (no file)
O2 - BHO: (no name) - {EF575F1A-1A18-7B87-F4D8-13A1763ADD3C} - (no file)
O2 - BHO: (no name) - {EFF0DA76-9796-3B9F-3EC2-35A88D1F24F6} - (no file)
O2 - BHO: (no name) - {F1895589-F7BC-679C-6B28-F8543FF20375} - (no file)
O2 - BHO: (no name) - {F2AEE8C6-488F-FB83-41DC-7207FA4758DF} - (no file)
O2 - BHO: (no name) - {F30D52D3-63DC-8C5D-5F20-2855D0649A73} - (no file)
O2 - BHO: (no name) - {F9CE4E9E-3BBE-0D76-2070-5593678A3953} - (no file)
O2 - BHO: (no name) - {FA239BAA-E441-30B6-0ABB-3EAAF567B877} - (no file)
O2 - BHO: (no name) - {FBA75B83-8BB1-572B-E746-D7AA2D568491} - (no file)
O2 - BHO: (no name) - {FF455AC6-FB2E-6A66-8E0D-2CA0A8C97D68} - (no file)
O2 - BHO: (no name) - {FF56B561-EE03-788D-F628-1F9CD8262ABA} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll (file missing)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{88FE243E-25A8-44EA-B225-D609041F6A6D}: NameServer = 85.255.115.236,85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\..\{8EE3D44D-46EA-4D63-9FEB-E6DD2EBFDE8F}: NameServer = 85.255.115.236 85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\..\{C225EA0D-20D5-4CDF-BAC6-7DDDE2F2AE01}: NameServer = 85.255.115.236,85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6F3C3D3-7A0E-493F-BFF0-8F3423C00AFF}: NameServer = 85.255.115.236,85.255.112.186
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.236 85.255.112.186
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.236 85.255.112.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.236 85.255.112.186


Click Fix Checked. Close HijackThis and click OK to continue the procedure.

At the end of the fix, you may need to restart the PC again.

Finally, post the contents of C:\fixwareout\report.txt along with a new HijackThis report.
9 December 2006 16:00:21


Fixwareout
Last edited 12/06/2006
Post this report in the forums please
...
Prerun check
[HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"="kdwoy.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
@=""
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00

...
...
Reg Entries that were deleted
...

Random Runs removed from HKLM
...
...

PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

»»»»» Searching by size/names...

»»»»»
Search five digit cs, dm kd and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\KDWOY.EXE 63.561 2004-08-20

Other suspects.

»»»»» Misc files.

»»»»» Checking for older varients covered by the Rem3 tool.
...

Logfile of HijackThis v1.99.1
Scan saved at 15:56:11, on 9/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {03733AEC-1A45-E742-4F5D-9544EFE63FE9} - (no file)
O2 - BHO: (no name) - {04A2CA19-69CB-6234-29E3-85CCFE6F5405} - (no file)
O2 - BHO: (no name) - {0654286F-861C-D256-AA45-D626029CD074} - (no file)
O2 - BHO: (no name) - {089ABD91-26C6-7AA0-2AB0-C46C5C3AF77F} - (no file)
O2 - BHO: (no name) - {0AC5D5FC-CDEA-D4D6-2A99-1B6A091210B5} - (no file)
O2 - BHO: (no name) - {0ADEDB63-B002-AD03-B35E-50A7032C9436} - (no file)
O2 - BHO: (no name) - {0E94A448-F010-22AC-4627-6BCC175C147B} - (no file)
O2 - BHO: (no name) - {0F97ADD7-AD8D-6BF8-1F9C-07FA16D0FFA3} - (no file)
O2 - BHO: (no name) - {10FEB7E7-4A2D-6D1F-3B9F-8F9FEE32D825} - (no file)
O2 - BHO: (no name) - {12899B2B-DA72-DAA3-33E7-18D55F24E119} - (no file)
O2 - BHO: (no name) - {137FBD76-C94E-29D8-CB88-FB29E07E3C8E} - (no file)
O2 - BHO: (no name) - {153AF5DA-EFD3-6F8C-0B4C-4FB02091E83D} - (no file)
O2 - BHO: (no name) - {16BD821E-5751-423E-4850-6CC5D07FECD8} - (no file)
O2 - BHO: (no name) - {197A8D26-DFA5-F761-1F4B-4A8703447597} - (no file)
O2 - BHO: (no name) - {1A478816-E063-0971-D763-1BABBFD87872} - (no file)
O2 - BHO: (no name) - {1BD58A3D-D84D-3006-CA07-81714822BEDB} - (no file)
O2 - BHO: (no name) - {1BF1DFBE-EFEE-094D-4B4A-A1B0633959B8} - (no file)
O2 - BHO: (no name) - {1EA1894C-86D6-8970-CC33-F7AD038B13C4} - (no file)
O2 - BHO: (no name) - {1EC115CF-1A9E-A037-A1A3-661E0F314632} - (no file)
O2 - BHO: (no name) - {229D2295-EABB-729C-CF01-0FEA1A13D1A2} - (no file)
O2 - BHO: (no name) - {2344D7E7-CE38-897A-FF8F-1D623F27EA1C} - (no file)
O2 - BHO: (no name) - {2536C943-1153-AD4C-300A-B4B7FF0DA8BA} - (no file)
O2 - BHO: (no name) - {29EF042A-706D-0056-6884-957B324286BA} - (no file)
O2 - BHO: (no name) - {2B2B2C0A-8F1B-89F0-6D9F-8F53718E5709} - (no file)
O2 - BHO: (no name) - {2C0AA1C9-EAD1-6D31-F171-F004D9CAEAF3} - (no file)
O2 - BHO: (no name) - {2C3AC6BD-184A-72AA-AA76-FD625963E408} - (no file)
O2 - BHO: (no name) - {2D9FBBF6-B32B-BF80-0139-69FF4513F4FE} - (no file)
O2 - BHO: (no name) - {2ECE8A5F-7B88-0E3A-7B26-178AA424B2CF} - (no file)
O2 - BHO: (no name) - {2FC63E7D-B1AD-A15E-08BB-3F44B89C3C38} - (no file)
O2 - BHO: (no name) - {30CF258B-877E-D68F-75DB-04254FA4477D} - (no file)
O2 - BHO: (no name) - {36FD485F-4C65-E8D5-204F-7B909FA681D2} - (no file)
O2 - BHO: (no name) - {3BAC722D-3B91-92A8-0FE9-3C20566A242D} - (no file)
O2 - BHO: (no name) - {3C690BC2-7682-8F6C-CC10-E64826571544} - (no file)
O2 - BHO: (no name) - {41DD2595-D499-DD4F-B411-6E2F986521EA} - (no file)
O2 - BHO: (no name) - {41F19720-1BDB-49B4-8199-77C3C47E4D01} - (no file)
O2 - BHO: (no name) - {44B14A5D-EF05-8A73-645F-321A1D3DA204} - (no file)
O2 - BHO: (no name) - {44E48825-9CDA-8A48-8D27-1A169942AC4E} - (no file)
O2 - BHO: (no name) - {450A0139-EE98-149B-D4CA-65522E7424A7} - (no file)
O2 - BHO: (no name) - {45BE5D9D-A13A-9FA6-68C3-7E04D9D89E5B} - (no file)
O2 - BHO: (no name) - {4855AACF-1F8F-710E-EFAF-19B0F8EE4D1C} - (no file)
O2 - BHO: (no name) - {4CF3F22B-5DA9-5DE0-5DEB-EE4100912572} - (no file)
O2 - BHO: (no name) - {4D0ED6BF-D64D-884B-351B-E924C175C0E1} - (no file)
O2 - BHO: (no name) - {4EC009E1-A0FC-D8EC-3236-F2F50D9D6FD3} - (no file)
O2 - BHO: (no name) - {4EDC72D6-1677-BA8E-A3E9-F6CD337060DB} - (no file)
O2 - BHO: (no name) - {4FD3C147-41DE-1F3D-33EC-2D9B34788A22} - (no file)
O2 - BHO: (no name) - {507C083A-E88D-27DA-C5FD-F626D1AF475A} - (no file)
O2 - BHO: (no name) - {57D786B2-F19C-B77F-7E6B-D102D52C94FD} - (no file)
O2 - BHO: (no name) - {58A38705-CB9F-7B61-F5FA-A70899B04378} - (no file)
O2 - BHO: (no name) - {5AE87369-A8F4-B1D6-ED81-BB42DB32D81B} - (no file)
O2 - BHO: (no name) - {610207BA-E8D7-9260-B756-291184C1BFB4} - (no file)
O2 - BHO: (no name) - {62ADEB62-FF97-1F48-A5D0-543177178FB0} - (no file)
O2 - BHO: (no name) - {68EDD3F4-E8AE-FD59-74FA-262316976262} - (no file)
O2 - BHO: (no name) - {6A3DED5F-EAD0-BCC5-FEE2-722A35C44A8C} - (no file)
O2 - BHO: (no name) - {6A71EC6C-B4CA-3F01-A0DA-FA3F7B759912} - (no file)
O2 - BHO: (no name) - {6E904118-91B8-3F31-2ED7-1F02C7E6CF6E} - (no file)
O2 - BHO: (no name) - {6FCBBEF2-5ADB-ECE5-F01E-7664EE3BE486} - (no file)
O2 - BHO: (no name) - {7115B539-BB04-24CC-2B23-6827E7FC740F} - (no file)
O2 - BHO: (no name) - {76558A55-90AE-81AD-3B53-B36989DABBC7} - (no file)
O2 - BHO: (no name) - {77D6A3EB-35E9-C062-5ADD-F1EC137D83E6} - (no file)
O2 - BHO: (no name) - {7970E706-D02D-A73A-7C76-6016BB2C1460} - (no file)
O2 - BHO: (no name) - {7D04D26C-C5D0-B880-1491-9D484DA65FEC} - (no file)
O2 - BHO: (no name) - {7E2B26C6-E6A8-572A-26C8-F00ACBFAF0DA} - (no file)
O2 - BHO: (no name) - {7E2E424C-CA3E-2380-8EDE-6E1143E54FD8} - (no file)
O2 - BHO: (no name) - {8431D630-BFFA-E427-E86A-AD42E33BE040} - (no file)
O2 - BHO: (no name) - {8674F6CD-EB6E-CD07-FBE1-506F82436CC8} - (no file)
O2 - BHO: (no name) - {89ADEF4E-3F32-427D-B343-75CD9B63CFF6} - (no file)
O2 - BHO: (no name) - {8F3008A1-7126-63E7-0B58-6CB6D22878A1} - (no file)
O2 - BHO: (no name) - {908769E2-4A81-1229-AF77-095E926EDFCB} - (no file)
O2 - BHO: (no name) - {9125713D-ABCD-6F47-1A15-550E5B5622AF} - (no file)
O2 - BHO: (no name) - {9283B90B-6824-9F8C-CDEE-A26195750B35} - (no file)
O2 - BHO: (no name) - {93587622-0E15-2933-A432-4FC8AFF51981} - (no file)
O2 - BHO: (no name) - {93708BF8-2057-AA22-138B-2C7F00B78D7B} - (no file)
O2 - BHO: (no name) - {943544B1-5A24-1DF9-55CE-89DC02154188} - (no file)
O2 - BHO: (no name) - {95B60120-83F3-6EE8-F150-763CFEC0137D} - (no file)
O2 - BHO: (no name) - {972C70DC-3F58-38DC-719C-265704EEF8A0} - (no file)
O2 - BHO: (no name) - {9AC37E11-63C7-D3E6-8EAE-1319DCCFBDC1} - (no file)
O2 - BHO: (no name) - {9DB2564C-B368-0DA1-BB00-6F46F0DD9CD2} - (no file)
O2 - BHO: (no name) - {9FDEC173-21F7-980A-124F-9D55C74F77FE} - (no file)
O2 - BHO: (no name) - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - (no file)
O2 - BHO: (no name) - {A3C660FF-DEAB-ECF0-02FE-C8DC9874C708} - (no file)
O2 - BHO: (no name) - {A493684E-9B4F-2C08-E3D3-1677B7786D2B} - (no file)
O2 - BHO: (no name) - {A5173620-80DD-1801-61F5-64E05A1BC94E} - (no file)
O2 - BHO: (no name) - {A5D041F1-3116-D1DA-4877-515DA73CA3B5} - (no file)
O2 - BHO: (no name) - {A5F02AA1-E33B-02E2-EE38-6C66F5363B53} - (no file)
O2 - BHO: (no name) - {A7463545-A0D8-73A1-95B5-1803A21D325B} - (no file)
O2 - BHO: (no name) - {A77FEE92-1430-913D-80DE-70C0D45457FE} - (no file)
O2 - BHO: (no name) - {A9C2FD6D-46F4-42AA-9928-C3DEE310A934} - (no file)
O2 - BHO: (no name) - {AA3DFBA3-794F-4010-B3F3-C48392777851} - (no file)
O2 - BHO: (no name) - {AAEAF0EF-4CCD-6801-830D-30AC3AB7C39B} - (no file)
O2 - BHO: (no name) - {AEF31B04-E4D2-E8D3-9366-37404CC10854} - (no file)
O2 - BHO: (no name) - {AF451484-05EA-655A-4EE7-4B4F9A677388} - (no file)
O2 - BHO: (no name) - {B04ECF18-A7FE-A8BD-02D3-D4A77E6732EF} - (no file)
O2 - BHO: (no name) - {B1C3A465-BE37-C89D-C0DE-5220C1228514} - (no file)
O2 - BHO: (no name) - {B4A89AC1-01DB-2590-AA18-58102CF0CE73} - (no file)
O2 - BHO: (no name) - {B6EFF8ED-FE91-D486-61D0-EF55DD5220AC} - (no file)
O2 - BHO: (no name) - {B86BEFD1-FD7B-BF76-1007-90B9084541C0} - (no file)
O2 - BHO: (no name) - {BD6D3515-13C8-89DB-38D3-4630B615B324} - (no file)
O2 - BHO: (no name) - {C0B6C5F3-C5FC-DCC2-FD6D-1F16A65205BA} - (no file)
O2 - BHO: (no name) - {C17630F0-44D4-91C7-ECCD-5C43EB80D769} - (no file)
O2 - BHO: (no name) - {C1A41FA6-75A9-208D-8DC5-1020AE6270B6} - (no file)
O2 - BHO: (no name) - {C69B1F3A-4663-8432-FEB2-965058C8B817} - (no file)
O2 - BHO: (no name) - {D40716D3-6A48-428B-C2E2-B255F3EB8167} - (no file)
O2 - BHO: (no name) - {D544B225-4B6F-E902-1009-572A992C0C2D} - (no file)
O2 - BHO: (no name) - {D82EE588-4BCA-D64F-594D-C86A9AAE64BF} - (no file)
O2 - BHO: (no name) - {D83E8454-F737-08C7-6BBB-9567C0B82257} - (no file)
O2 - BHO: (no name) - {DABFF8C3-DF48-F11C-290D-D7CD732B35CC} - (no file)
O2 - BHO: (no name) - {DD044C97-E237-CDA4-B4E1-F2933683BE38} - (no file)
O2 - BHO: (no name) - {E235E7F2-50B6-8BB5-7373-BEF349F0423C} - (no file)
O2 - BHO: (no name) - {E2EFAFF5-340E-A0DE-D25A-7AF4C9F82536} - (no file)
O2 - BHO: (no name) - {E3A394DC-5804-B13F-0871-B5BBEB258C5E} - (no file)
O2 - BHO: (no name) - {E4619879-B07F-005E-F203-9FEE8EA8D4A8} - (no file)
O2 - BHO: (no name) - {E5AEC6A2-E0DA-BCCF-46E8-C8D57F1BAB09} - (no file)
O2 - BHO: (no name) - {E744D294-2AA6-B5FC-A3C2-48601F4CDCDD} - (no file)
O2 - BHO: (no name) - {EAB92D78-0DD3-8A5E-CA0A-36AA7566EC41} - (no file)
O2 - BHO: (no name) - {EDA47566-FF22-C6CB-022E-9E5BA4649C49} - (no file)
O2 - BHO: (no name) - {EE2A819A-7B6D-3396-6030-52CEC509153A} - (no file)
O2 - BHO: (no name) - {EE5C5E5D-1391-F15D-C214-27CF50897C22} - (no file)
O2 - BHO: (no name) - {EE7D83AF-7B9D-6B09-3E59-713C735C30F9} - (no file)
O2 - BHO: (no name) - {EF575F1A-1A18-7B87-F4D8-13A1763ADD3C} - (no file)
O2 - BHO: (no name) - {EFF0DA76-9796-3B9F-3EC2-35A88D1F24F6} - (no file)
O2 - BHO: (no name) - {F1895589-F7BC-679C-6B28-F8543FF20375} - (no file)
O2 - BHO: (no name) - {F2AEE8C6-488F-FB83-41DC-7207FA4758DF} - (no file)
O2 - BHO: (no name) - {F30D52D3-63DC-8C5D-5F20-2855D0649A73} - (no file)
O2 - BHO: (no name) - {F9CE4E9E-3BBE-0D76-2070-5593678A3953} - (no file)
O2 - BHO: (no name) - {FA239BAA-E441-30B6-0ABB-3EAAF567B877} - (no file)
O2 - BHO: (no name) - {FBA75B83-8BB1-572B-E746-D7AA2D568491} - (no file)
O2 - BHO: (no name) - {FF455AC6-FB2E-6A66-8E0D-2CA0A8C97D68} - (no file)
O2 - BHO: (no name) - {FF56B561-EE03-788D-F628-1F9CD8262ABA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\System32\Utility.exe \1008
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] "C:\Program Files\AGEIA Technologies\TrayIcon.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scann...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

9 December 2006 16:02:45

Re,

Download Smitfraudfix
Save it to the root of your C: hard drive.
Run SmitfraudFix.exe (the .exe extension may not be shown).
Choose Option 1 (Search)
Post the first report here.

NOTE:
process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool. It is not a virus, but a utility for terminating processes. In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

Quote:
- Make sure you have access to hidden folders/files
-> Start
-> Control Panel
-> Folder Options, View tab:
. Click Show hidden folders
. Uncheck Hide extensions for known file types
. Uncheck Hide protected operating system files


Go to the VirusTotal site
Click Browse... then open:

C:\WINDOWS\SYSTEM32\KDWOY.EXE

Then click Send
Post the report once the analysis is finished.

If you see this message:
" Your file " ***.*** " is queued in position: ***. Estimated start time is between *** and *** minutes. "
You will have to wait.

9 December 2006 16:13:58

SmitFraudFix v2.128

Rapport fait à 16:02:52,15, sam. 09/12/2006
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Pierre


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Pierre\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Pierre\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Complete scanning result of "KDWOY.EXE", received in VirusTotal at 12.09.2006, 16:07:50 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.49 12.08.2006 TR/Dldr.DNSChanger.Gen
Authentium 4.93.8 12.08.2006 could be a corrupted executable file
Avast 4.7.892.0 12.08.2006 no virus found
AVG 386 12.08.2006 no virus found
BitDefender 7.2 12.09.2006 MemScan:Trojan.Downloader.Zlob.RO
CAT-QuickHeal 8.00 12.09.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 12.09.2006 no virus found
DrWeb 4.33 12.09.2006 Trojan.DnsChange
eSafe 7.0.14.0 12.07.2006 Win32.Polipos.sus
eTrust-InoculateIT 23.73.81 12.09.2006 no virus found
eTrust-Vet 30.3.3238 12.08.2006 Win32/Alureon!generic
Ewido 4.0 12.09.2006 Downloader.Zlob.aty
Fortinet 2.82.0.0 12.09.2006 W32/Zlob.GI!tr
F-Prot 3.16f 12.08.2006 Possibly a new variant of W32/new-malware!Maximus
F-Prot4 4.2.1.29 12.08.2006 W32/new-malware!Maximus
Ikarus T3.1.0.26 12.07.2006 Trojan.DnsChange
Kaspersky 4.0.2.24 12.09.2006 Trojan.Win32.DNSChanger.gi
McAfee 4914 12.08.2006 no virus found
Microsoft 1.1804 12.09.2006 no virus found
NOD32v2 1912 12.09.2006 a variant of Win32/TrojanDownloader.Zlob
Norman 5.80.02 12.08.2006 no virus found
Panda 9.0.0.4 12.09.2006 Suspicious file
Prevx1 V2 12.09.2006 no virus found
Sophos 4.12.0 12.08.2006 Troj/Zlob-VH
Sunbelt 2.2.907.0 11.30.2006 VIPRE.Suspicious
TheHacker 6.0.3.130 12.06.2006 no virus found
UNA 1.83 12.08.2006 Trojan.Win32.DNSChanger.81EA
VBA32 3.11.1 12.08.2006 Trojan.DnsChange
VirusBuster 4.3.15:9 12.09.2006 no virus found

Aditional Information
File size: 63561 bytes
MD5: 6e27fc60734be1b3fec3bd11a4448ca5
SHA1: 424cb32138093a6c6cc8270a957906dc1562ce92
packers: PECRYPT
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.
9 December 2006 16:14:17

Thanks for your help ;)
9 December 2006 17:03:16

Re,

Delete this file:
C:\WINDOWS\SYSTEM32\KDWOY.EXE

Then fix these lines:

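
An added example, not part of the original thread or of HijackThis itself: a small Python triage that parses HijackThis entry lines, flags the two kinds of entries the helper asked to fix here (O2 BHOs with no file, the O17 NameServer override) plus any "(file missing)" target, and then checks a follow-up log for leftovers. The function names are hypothetical; SAMPLE_BEFORE is excerpted from the logs above and SAMPLE_AFTER is constructed.

```python
import re

# Excerpt of lines taken from the HijackThis logs posted in this thread.
SAMPLE_BEFORE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {03733AEC-1A45-E742-4F5D-9544EFE63FE9} - (no file)
O2 - BHO: (no name) - {04A2CA19-69CB-6234-29E3-85CCFE6F5405} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.236 85.255.112.186
"""

# Constructed follow-up log: what the same excerpt would look like once the
# O2 and O17 lines have been fixed.
SAMPLE_AFTER = r"""Logfile of HijackThis v1.99.1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
"""

# Entry lines start with a section code such as R0, O2 or O17, then " - ".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
NAMESERVER_RE = re.compile(r"\bNameServer\s*=\s*(.+)$")


def parse_entries(text):
    """Return (code, body) per entry line; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def triage(entries):
    """Return (kind, detail) findings, in log order, for entries worth a look."""
    findings = []
    for code, body in entries:
        if code == "O2" and body.endswith("(no file)"):
            # A BHO registration whose DLL is not on disk.
            guid = GUID_RE.search(body)
            findings.append(("orphan_bho", guid.group(0) if guid else body))
        elif code == "O17":
            # DNS servers written directly into the Tcpip parameters.
            servers = NAMESERVER_RE.search(body)
            if servers:
                normalised = " ".join(servers.group(1).replace(",", " ").split())
                findings.append(("static_dns", normalised))
        elif body.endswith("(file missing)"):
            # Target path was not found; check it manually before fixing.
            findings.append(("missing_target", body))
    return findings


def unresolved(before_text, after_text):
    """Findings from the first log that are still present in the follow-up log."""
    after = set(triage(parse_entries(after_text)))
    return [f for f in triage(parse_entries(before_text)) if f in after]


if __name__ == "__main__":
    for kind, detail in triage(parse_entries(SAMPLE_BEFORE)):
        print(f"{kind:15} {detail}")
    print("still present after fix:", unresolved(SAMPLE_BEFORE, SAMPLE_AFTER))
```
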
9 December 2006 17:23:00

Small problem: I can't find the file.
9 December 2006 17:38:22

Did you actually open it with VirusTotal?
It's in the same place.
9 December 2006 17:44:10

I copy and paste it into VirusTotal, but when I try to look for it in system32 it isn't there.
9 December 2006 17:45:44

Re,

Download KillBox by Option^Explicit.

Unzip it into a folder or onto your desktop (right-click then Extract All).
Select the text in the box:

Quote:
C:\WINDOWS\SYSTEM32\KDWOY.EXE


---> Right-click then Copy.
----------

-- Open Killbox.exe
-- Choose "Delete on reboot"
-- Click:
- " File " -> " Paste from Clipboard "

To finish, click [:angeldark:3].

You will then be asked a question:
" File will be Removed on Reboot, Do you want to reboot now ? "

-- Answer YES; a countdown starts and your PC will restart.
-- After the restart, run Killbox again then click the menu Files -> Logs -> Actions History Log:
Post the report here.

NOTE: If you get the message "PendingFileRenameOperations Registry Data has been removed by external process!"
Restart your PC manually.

HELP: KillBox tutorial (Jesses)
9 December 2006 17:46:20

I copy and paste it into VirusTotal, but when I try to look for it in system32 it isn't there.
9 December 2006 17:46:52

You missed my message.
9 December 2006 17:51:28

I copy and paste it into VirusTotal, but when I try to look for it in system32 it isn't there.
9 December 2006 17:54:27

Can't you see my post about KillBox??
9 December 2006 18:03:52

Oh yes, sorry, I'll do that.
10 December 2006 10:39:01

There, it's done, but I struggled; I don't know if I did it correctly.
10 December 2006 10:58:56

Just to say, it takes time, and when you don't know much about it, it can also be scary to think you might get it wrong, but it's great to have people like you helping us! Thanks! ;)

Good luck kahouna!
10 December 2006 18:31:35

Re,

The Killbox report?
10 December 2006 18:36:54

Pocket Killbox version 2.0.0.648
Running on Windows XP as Pierre(Administrator)
was started @ samedi, décembre 09, 2006, 6:06 PM

# 1 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\KDWOY.EXE


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 6:08:39 PM
Killbox Closed(Exit) @ 6:13:00 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as Pierre(Administrator)
was started @ samedi, décembre 09, 2006, 6:31 PM

# 1 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\KDWOY.EX


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 6:32:52 PM
Killbox Closed(Exit) @ 6:32:53 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as Pierre(Administrator)
was started @ dimanche, décembre 10, 2006, 10:37 AM

# 1 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\KDWOY.EXE


I Rebooted @ 10:40:37 AM
Killbox Closed(Exit) @ 10:40:40 AM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows XP as Pierre(Administrator)
was started @ dimanche, décembre 10, 2006, 6:32 PM
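
The NOTE in the KillBox instructions covers the case this log shows twice: the delete-on-reboot request was recorded, then the pending-rename data was removed before the restart. As an added example (not part of any post in this thread, and not KillBox's own code), the parser below splits an Actions History Log into sessions and reports how each one ended; the line formats are assumed from the log posted above, and the outcome labels and `needs_retry` are hypothetical names.

```python
import re

# Abridged from the Actions History Log posted above: blank lines dropped,
# second session omitted.
SAMPLE_LOG = r"""Pocket Killbox version 2.0.0.648
Running on Windows XP as Pierre(Administrator)
was started @ samedi, décembre 09, 2006, 6:06 PM
# 1 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\KDWOY.EXE
PendingFileRenameOperations Registry Data has been Removed by External Process! @ 6:08:39 PM
Killbox Closed(Exit) @ 6:13:00 PM
__________________________________________________
Pocket Killbox version 2.0.0.648
Running on Windows XP as Pierre(Administrator)
was started @ dimanche, décembre 10, 2006, 10:37 AM
# 1 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\KDWOY.EXE
I Rebooted @ 10:40:37 AM
Killbox Closed(Exit) @ 10:40:40 AM
__________________________________________________
Pocket Killbox version 2.0.0.648
Running on Windows XP as Pierre(Administrator)
was started @ dimanche, décembre 10, 2006, 6:32 PM
"""

ACTION_RE = re.compile(r"^#\s*\d+\s*\[(?P<action>[^\]]+)\]$")
PATH_RE = re.compile(r"^Path\s*=\s*(?P<path>.+)$")
START_RE = re.compile(r"^was started @\s*(?P<when>.+)$")
CLEARED = "PendingFileRenameOperations Registry Data has been Removed"


def parse_sessions(text):
    """Split the log on its underscore rule; return one dict per session."""
    sessions = []
    for block in re.split(r"^_{10,}\s*$", text, flags=re.M):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        if not lines:
            continue
        s = {"started": None, "actions": [], "outcome": "no outcome logged"}
        action = None
        for ln in lines:
            if m := START_RE.match(ln):
                s["started"] = m["when"]
            elif m := ACTION_RE.match(ln):
                action = m["action"]          # e.g. "Delete on Reboot"
            elif (m := PATH_RE.match(ln)) and action:
                s["actions"].append((action, m["path"]))
                action = None
            elif ln.startswith(CLEARED):
                s["outcome"] = "cleared by external process"
            elif ln.startswith("I Rebooted"):
                s["outcome"] = "rebooted"
        sessions.append(s)
    return sessions


def needs_retry(session):
    """True when a requested action was followed by the 'Removed' message."""
    return bool(session["actions"]) and session["outcome"] == "cleared by external process"
```

A session flagged by `needs_retry` is the situation the NOTE describes; a session with outcome `rebooted` only shows that the restart happened with the request in place, not that the file is gone.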

10 December 2006 18:41:31

Post a new HijackThis report.
10 December 2006 18:42:53

Logfile of HijackThis v1.99.1
Scan saved at 18:38:38, on 10/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\divxsm.exe
C:\Documents and Settings\Pierre\Mes documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.be/0SEFRBE/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ogame.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {03733AEC-1A45-E742-4F5D-9544EFE63FE9} - (no file)
O2 - BHO: (no name) - {04A2CA19-69CB-6234-29E3-85CCFE6F5405} - (no file)
O2 - BHO: (no name) - {0654286F-861C-D256-AA45-D626029CD074} - (no file)
O2 - BHO: (no name) - {089ABD91-26C6-7AA0-2AB0-C46C5C3AF77F} - (no file)
O2 - BHO: (no name) - {0AC5D5FC-CDEA-D4D6-2A99-1B6A091210B5} - (no file)
O2 - BHO: (no name) - {0ADEDB63-B002-AD03-B35E-50A7032C9436} - (no file)
O2 - BHO: (no name) - {0E94A448-F010-22AC-4627-6BCC175C147B} - (no file)
O2 - BHO: (no name) - {0F97ADD7-AD8D-6BF8-1F9C-07FA16D0FFA3} - (no file)
O2 - BHO: (no name) - {10FEB7E7-4A2D-6D1F-3B9F-8F9FEE32D825} - (no file)
O2 - BHO: (no name) - {12899B2B-DA72-DAA3-33E7-18D55F24E119} - (no file)
O2 - BHO: (no name) - {137FBD76-C94E-29D8-CB88-FB29E07E3C8E} - (no file)
O2 - BHO: (no name) - {153AF5DA-EFD3-6F8C-0B4C-4FB02091E83D} - (no file)
O2 - BHO: (no name) - {16BD821E-5751-423E-4850-6CC5D07FECD8} - (no file)
O2 - BHO: (no name) - {197A8D26-DFA5-F761-1F4B-4A8703447597} - (no file)
O2 - BHO: (no name) - {1A478816-E063-0971-D763-1BABBFD87872} - (no file)
O2 - BHO: (no name) - {1BD58A3D-D84D-3006-CA07-81714822BEDB} - (no file)
O2 - BHO: (no name) - {1BF1DFBE-EFEE-094D-4B4A-A1B0633959B8} - (no file)
O2 - BHO: (no name) - {1EA1894C-86D6-8970-CC33-F7AD038B13C4} - (no file)
O2 - BHO: (no name) - {1EC115CF-1A9E-A037-A1A3-661E0F314632} - (no file)
O2 - BHO: (no name) - {229D2295-EABB-729C-CF01-0FEA1A13D1A2} - (no file)
O2 - BHO: (no name) - {2344D7E7-CE38-897A-FF8F-1D623F27EA1C} - (no file)
O2 - BHO: (no name) - {2536C943-1153-AD4C-300A-B4B7FF0DA8BA} - (no file)
O2 - BHO: (no name) - {29EF042A-706D-0056-6884-957B324286BA} - (no file)
O2 - BHO: (no name) - {2B2B2C0A-8F1B-89F0-6D9F-8F53718E5709} - (no file)
O2 - BHO: (no name) - {2C0AA1C9-EAD1-6D31-F171-F004D9CAEAF3} - (no file)
O2 - BHO: (no name) - {2C3AC6BD-184A-72AA-AA76-FD625963E408} - (no file)
O2 - BHO: (no name) - {2D9FBBF6-B32B-BF80-0139-69FF4513F4FE} - (no file)
O2 - BHO: (no name) - {2ECE8A5F-7B88-0E3A-7B26-178AA424B2CF} - (no file)
O2 - BHO: (no name) - {2FC63E7D-B1AD-A15E-08BB-3F44B89C3C38} - (no file)
O2 - BHO: (no name) - {30CF258B-877E-D68F-75DB-04254FA4477D} - (no file)
O2 - BHO: (no name) - {36FD485F-4C65-E8D5-204F-7B909FA681D2} - (no file)
O2 - BHO: (no name) - {3BAC722D-3B91-92A8-0FE9-3C20566A242D} - (no file)
O2 - BHO: (no name) - {3C690BC2-7682-8F6C-CC10-E64826571544} - (no file)
O2 - BHO: (no name) - {41DD2595-D499-DD4F-B411-6E2F986521EA} - (no file)
O2 - BHO: (no name) - {41F19720-1BDB-49B4-8199-77C3C47E4D01} - (no file)
O2 - BHO: (no name) - {44B14A5D-EF05-8A73-645F-321A1D3DA204} - (no file)
O2 - BHO: (no name) - {44E48825-9CDA-8A48-8D27-1A169942AC4E} - (no file)
O2 - BHO: (no name) - {450A0139-EE98-149B-D4CA-65522E7424A7} - (no file)
O2 - BHO: (no name) - {45BE5D9D-A13A-9FA6-68C3-7E04D9D89E5B} - (no file)
O2 - BHO: (no name) - {4855AACF-1F8F-710E-EFAF-19B0F8EE4D1C} - (no file)
O2 - BHO: (no name) - {4CF3F22B-5DA9-5DE0-5DEB-EE4100912572} - (no file)
O2 - BHO: (no name) - {4D0ED6BF-D64D-884B-351B-E924C175C0E1} - (no file)
O2 - BHO: (no name) - {4EC009E1-A0FC-D8EC-3236-F2F50D9D6FD3} - (no file)
O2 - BHO: (no name) - {4EDC72D6-1677-BA8E-A3E9-F6CD337060DB} - (no file)
O2 - BHO: (no name) - {4FD3C147-41DE-1F3D-33EC-2D9B34788A22} - (no file)
O2 - BHO: (no name) - {507C083A-E88D-27DA-C5FD-F626D1AF475A} - (no file)
O2 - BHO: (no name) - {57D786B2-F19C-B77F-7E6B-D102D52C94FD} - (no file)
O2 - BHO: (no name) - {58A38705-CB9F-7B61-F5FA-A70899B04378} - (no file)
O2 - BHO: (no name) - {5AE87369-A8F4-B1D6-ED81-BB42DB32D81B} - (no file)
O2 - BHO: (no name) - {610207BA-E8D7-9260-B756-291184C1BFB4} - (no file)
O2 - BHO: (no name) - {62ADEB62-FF97-1F48-A5D0-543177178FB0} - (no file)
O2 - BHO: (no name) - {68EDD3F4-E8AE-FD59-74FA-262316976262} - (no file)
O2 - BHO: (no name) - {6A3DED5F-EAD0-BCC5-FEE2-722A35C44A8C} - (no file)
O2 - BHO: (no name) - {6A71EC6C-B4CA-3F01-A0DA-FA3F7B759912} - (no file)
O2 - BHO: (no name) - {6E904118-91B8-3F31-2ED7-1F02C7E6CF6E} - (no file)
O2 - BHO: (no name) - {6FCBBEF2-5ADB-ECE5-F01E-7664EE3BE486} - (no file)
O2 - BHO: (no name) - {7115B539-BB04-24CC-2B23-6827E7FC740F} - (no file)
O2 - BHO: (no name) - {76558A55-90AE-81AD-3B53-B36989DABBC7} - (no file)
O2 - BHO: (no name) - {77D6A3EB-35E9-C062-5ADD-F1EC137D83E6} - (no file)
O2 - BHO: (no name) - {7970E706-D02D-A73A-7C76-6016BB2C1460} - (no file)
O2 - BHO: (no name) - {7D04D26C-C5D0-B880-1491-9D484DA65FEC} - (no file)
O2 - BHO: (no name) - {7E2B26C6-E6A8-572A-26C8-F00ACBFAF0DA} - (no file)
O2 - BHO: (no name) - {7E2E424C-CA3E-2380-8EDE-6E1143E54FD8} - (no file)
O2 - BHO: (no name) - {8431D630-BFFA-E427-E86A-AD42E33BE040} - (no file)
O2 - BHO: (no name) - {8674F6CD-EB6E-CD07-FBE1-506F82436CC8} - (no file)
O2 - BHO: (no name) - {89ADEF4E-3F32-427D-B343-75CD9B63CFF6} - (no file)
O2 - BHO: (no name) - {8F3008A1-7126-63E7-0B58-6CB6D22878A1} - (no file)
O2 - BHO: (no name) - {908769E2-4A81-1229-AF77-095E926EDFCB} - (no file)
O2 - BHO: (no name) - {9125713D-ABCD-6F47-1A15-550E5B5622AF} - (no file)
O2 - BHO: (no name) - {9283B90B-6824-9F8C-CDEE-A26195750B35} - (no file)
O2 - BHO: (no name) - {93587622-0E15-2933-A432-4FC8AFF51981} - (no file)
O2 - BHO: (no name) - {93708BF8-2057-AA22-138B-2C7F00B78D7B} - (no file)
O2 - BHO: (no name) - {943544B1-5A24-1DF9-55CE-89DC02154188} - (no file)
O2 - BHO: (no name) - {95B60120-83F3-6EE8-F150-763CFEC0137D} - (no file)
O2 - BHO: (no name) - {972C70DC-3F58-38DC-719C-265704EEF8A0} - (no file)
O2 - BHO: (no name) - {9AC37E11-63C7-D3E6-8EAE-1319DCCFBDC1} - (no file)
O2 - BHO: (no name) - {9DB2564C-B368-0DA1-BB00-6F46F0DD9CD2} - (no file)
O2 - BHO: (no name) - {9FDEC173-21F7-980A-124F-9D55C74F77FE} - (no file)
O2 - BHO: (no name) - {A39786E1-B3F2-5AA0-9792-D30FF78E0B7B} - (no file)
O2 - BHO: (no name) - {A3C660FF-DEAB-ECF0-02FE-C8DC9874C708} - (no file)
O2 - BHO: (no name) - {A493684E-9B4F-2C08-E3D3-1677B7786D2B} - (no file)
O2 - BHO: (no name) - {A5173620-80DD-1801-61F5-64E05A1BC94E} - (no file)
O2 - BHO: (no name) - {A5D041F1-3116-D1DA-4877-515DA73CA3B5} - (no file)
O2 - BHO: (no name) - {A5F02AA1-E33B-02E2-EE38-6C66F5363B53} - (no file)
O2 - BHO: (no name) - {A7463545-A0D8-73A1-95B5-1803A21D325B} - (no file)
O2 - BHO: (no name) - {A77FEE92-1430-913D-80DE-70C0D45457FE} - (no file)
O2 - BHO: (no name) - {A9C2FD6D-46F4-42AA-9928-C3DEE310A934} - (no file)
O2 - BHO: (no name) - {AA3DFBA3-794F-4010-B3F3-C48392777851} - (no file)
O2 - BHO: (no name) - {AAEAF0EF-4CCD-6801-830D-30AC3AB7C39B} - (no file)
O2 - BHO: (no name) - {AEF31B04-E4D2-E8D3-9366-37404CC10854} - (no file)
O2 - BHO: (no name) - {AF451484-05EA-655A-4EE7-4B4F9A677388} - (no file)
O2 - BHO: (no name) - {B04ECF18-A7FE-A8BD-02D3-D4A77E6732EF} - (no file)
O2 - BHO: (no name) - {B1C3A465-BE37-C89D-C0DE-5220C1228514} - (no file)
O2 - BHO: (no name) - {B4A89AC1-01DB-2590-AA18-58102CF0CE73} - (no file)
O2 - BHO: (no name) - {B6EFF8ED-FE91-D486-61D0-EF55DD5220AC} - (no file)
O2 - BHO: (no name) - {B86BEFD1-FD7B-BF76-1007-90B9084541C0} - (no file)
O2 - BHO: (no name) - {BD6D3515-13C8-89DB-38D3-4630B615B324} - (no file)
O2 - BHO: (no name) - {C0B6C5F3-C5FC-DCC2-FD6D-1F16A65205BA} - (no file)
O2 - BHO: (no name) - {C17630F0-44D4-91C7-ECCD-5C43EB80D769} - (no file)
O2 - BHO: (no name) - {C1A41FA6-75A9-208D-8DC5-1020AE6270B6} - (no file)
O2 - BHO: (no name) - {C69B1F3A-4663-8432-FEB2-965058C8B817} - (no file)
O2 - BHO: (no name) - {D40716D3-6A48-428B-C2E2-B255F3EB8167} - (no file)
O2 - BHO: (no name) - {D544B225-4B6F-E902-1009-572A992C0C2D} - (no file)
O2 - BHO: (no name) - {D82EE588-4BCA-D64F-594D-C86A9AAE64BF} - (no file)
O2 - BHO: (no name) - {D83E8454-F737-08C7-6BBB-9567C0B82257} - (no file)
O2 - BHO: (no name) - {DABFF8C3-DF48-F11C-290D-D7CD732B35CC} - (no file)
O2 - BHO: (no name) - {DD044C97-E237-CDA4-B4E1-F2933683BE38} - (no file)
O2 - BHO: (no name) - {E235E7F2-50B6-8BB5-7373-BEF349F0423C} - (no file)
O2 - BHO: (no name) - {E2EFAFF5-340E-A0DE-D25A-7AF4C9F82536} - (no file)
O2 - BHO: (no name) - {E3A394DC-5804-B13F-0871-B5BBEB258C5E} - (no file)
O2 - BHO: (no name) - {E4619879-B07F-005E-F203-9FEE8EA8D4A8} - (no file)
O2 - BHO: (no name) - {E5AEC6A2-E0DA-BCCF-46E8-C8D57F1BAB09} - (no file)
O2 - BHO: (no name) - {E744D294-2AA6-B5FC-A3C2-48601F4CDCDD} - (no file)
O2 - BHO: (no name) - {EAB92D78-0DD3-8A5E-CA0A-36AA7566EC41} - (no file)
O2 - BHO: (no name) - {EDA47566-FF22-C6CB-022E-9E5BA4649C49} - (no file)
O2 - BHO: (no name) - {EE2A819A-7B6D-3396-6030-52CEC509153A} - (no file)
O2 - BHO: (no name) - {EE5C5E5D-1391-F15D-C214-27CF50897C22} - (no file)
O2 - BHO: (no name) - {EE7D83AF-7B9D-6B09-3E59-713C735C30F9} - (no file)
O2 - BHO: (no name) - {EF575F1A-1A18-7B87-F4D8-13A1763ADD3C} - (no file)
O2 - BHO: (no name) - {EFF0DA76-9796-3B9F-3EC2-35A88D1F24F6} - (no file)
O2 - BHO: (no name) - {F1895589-F7BC-679C-6B28-F8543FF20375} - (no file)
O2 - BHO: (no name) - {F2AEE8C6-488F-FB83-41DC-7207FA4758DF} - (no file)
O2 - BHO: (no name) - {F30D52D3-63DC-8C5D-5F20-2855D0649A73} - (no file)
O2 - BHO: (no name) - {F9CE4E9E-3BBE-0D76-2070-5593678A3953} - (no file)
O2 - BHO: (no name) - {FA239BAA-E441-30B6-0ABB-3EAAF567B877} - (no file)
O2 - BHO: (no name) - {FBA75B83-8BB1-572B-E746-D7AA2D568491} - (no file)
O2 - BHO: (no name) - {FF455AC6-FB2E-6A66-8E0D-2CA0A8C97D68} - (no file)
O2 - BHO: (no name) - {FF56B561-EE03-788D-F628-1F9CD8262ABA} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CloseDNF] C:\WINDOWS\System32\Utility.exe \1008
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] "C:\Program Files\AGEIA Technologies\TrayIcon.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scann...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
