Hijack this probleme elit bar et connection
Fermé
jonathan
-
13 févr. 2005 à 21:30
balltrap34 Messages postés 16240 Date d'inscription jeudi 8 janvier 2004 Statut Contributeur sécurité Dernière intervention 28 novembre 2009 - 17 mars 2005 à 23:56
balltrap34 Messages postés 16240 Date d'inscription jeudi 8 janvier 2004 Statut Contributeur sécurité Dernière intervention 28 novembre 2009 - 17 mars 2005 à 23:56
A voir également:
- Hijack this probleme elit bar et connection
- Gmail connection - Guide
- Hotmail connection - Guide
- Facebook connection - Guide
- Google bar - Télécharger - Navigateurs
- Batterie bar - Télécharger - Informations & Diagnostic
5 réponses
salut
essaie déjà ceci
Désinstaller SearchMiracle
Aller sur http://www.searchmiracle.com/uninstall.exe dans le bas de page il y a l’uninstall
puis refais un log HijackThis
a+
essaie déjà ceci
Désinstaller SearchMiracle
Aller sur http://www.searchmiracle.com/uninstall.exe dans le bas de page il y a l’uninstall
puis refais un log HijackThis
a+
balltrap34
Messages postés
16240
Date d'inscription
jeudi 8 janvier 2004
Statut
Contributeur sécurité
Dernière intervention
28 novembre 2009
331
13 févr. 2005 à 21:51
13 févr. 2005 à 21:51
salut
telecharge ceci
http://www.majorgeeks.com/download4465.html
ont l utiliserat apres
ensuite relance hijack coche ces lignes et clik sur fix
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [sBGE] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [sssasas32] C:\WINDOWS\sssasas.exe32
O4 - HKLM\..\Run: [SheduIer] C:\WINDOWS\msexploren.exe /i
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzî[8C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [nvsvca32] C:\WINDOWS\nvsvca32.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
recherche et vire tous les exe des lignes 04 que je t ai mis
lance le programme que je t ai fait telecharger
pour ceci c est toi qui a mis cela
O4 - HKLM\..\Run: [antiware] C:\windows\system32\elitezhb32.exe
O4 - HKLM\..\RunOnce: [DelIE4dir] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir2] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir3] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\internet explorer
O4 - HKLM\..\RunOnce: [DelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\uninstall information
O4 - HKLM\..\RunOnce: [DelCatrootdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\catroot
O4 - HKLM\..\RunOnce: [DelCookiesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cookies
O4 - HKLM\..\RunOnce: [DelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\history
O4 - HKLM\..\RunOnce: [DelDownloaddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\downloaded program files
O4 - HKLM\..\RunOnce: [DelSubscripdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\subscriptions
O4 - HKLM\..\RunOnce: [DelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\application data\microsoft\welcome
O4 - HKLM\..\RunOnce: [DelTempIFilesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\temporary internet files
O4 - HKLM\..\RunOnce: [DelJavadir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\java
O4 - HKLM\..\RunOnce: [DelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online services
O4 - HKLM\..\RunOnce: [DelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\online services
O4 - HKLM\..\RunOnce: [Deldownloadtmp] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\msdownld.tmp
O4 - HKLM\..\RunOnce: [DelMacromeddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\Macromed
O4 - HKLM\..\RunOnce: [Delcatroot] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\catroot
O4 - HKLM\..\RunOnce: [DelOccache] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\occache
O4 - HKLM\..\RunOnce: [DelTrieditdir] rundll32.exe advpack.dll,DelNodeRunDLL32 \triedit
O4 - HKLM\..\RunOnce: [GDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\uninstall information
O4 - HKLM\..\RunOnce: [GDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\verlauf
O4 - HKLM\..\RunOnce: [GDelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\anwendungsdaten\microsoft\welcome
O4 - HKLM\..\RunOnce: [GDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online-dienste
O4 - HKLM\..\RunOnce: [GDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\online-dienste
O4 - HKLM\..\RunOnce: [SDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\uninstall information
O4 - HKLM\..\RunOnce: [SDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\tidigare
O4 - HKLM\..\RunOnce: [SDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\skrivbord\onlinetjänster
O4 - HKLM\..\RunOnce: [SDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\onlinetjänster
O4 - HKLM\..\RunOnce: [IDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\uninstall information
O4 - HKLM\..\RunOnce: [IDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cronologia
O4 - HKLM\..\RunOnce: [IDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\onlinetjänster
O4 - HKLM\..\RunOnce: [DDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historique
O4 - HKLM\..\RunOnce: [SpDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\archivos de programa\uninstall information
O4 - HKLM\..\RunOnce: [SpDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\escritorio\servicios en línea
O4 - HKLM\..\RunOnce: [SpDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historial
O4 - HKLM\..\RunOnce: [DaDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmer\uninstall information
O4 - HKLM\..\RunOnce: [DaDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\oversigt
O4 - HKLM\..\RunOnce: [PbDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\arquivos de programas\internet explorer
O4 - HKLM\..\RunOnce: [Step_3] RunDll32.exe advpack.dll,LaunchINFSection
C:\WINDOWS\INF\IErad.inf,Step_3
redemarre et refait un hijack
telecharge ceci
http://www.majorgeeks.com/download4465.html
ont l utiliserat apres
ensuite relance hijack coche ces lignes et clik sur fix
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [sBGE] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [sssasas32] C:\WINDOWS\sssasas.exe32
O4 - HKLM\..\Run: [SheduIer] C:\WINDOWS\msexploren.exe /i
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzî[8C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [nvsvca32] C:\WINDOWS\nvsvca32.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
recherche et vire tous les exe des lignes 04 que je t ai mis
lance le programme que je t ai fait telecharger
pour ceci c est toi qui a mis cela
O4 - HKLM\..\Run: [antiware] C:\windows\system32\elitezhb32.exe
O4 - HKLM\..\RunOnce: [DelIE4dir] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir2] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir3] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\internet explorer
O4 - HKLM\..\RunOnce: [DelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\uninstall information
O4 - HKLM\..\RunOnce: [DelCatrootdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\catroot
O4 - HKLM\..\RunOnce: [DelCookiesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cookies
O4 - HKLM\..\RunOnce: [DelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\history
O4 - HKLM\..\RunOnce: [DelDownloaddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\downloaded program files
O4 - HKLM\..\RunOnce: [DelSubscripdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\subscriptions
O4 - HKLM\..\RunOnce: [DelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\application data\microsoft\welcome
O4 - HKLM\..\RunOnce: [DelTempIFilesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\temporary internet files
O4 - HKLM\..\RunOnce: [DelJavadir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\java
O4 - HKLM\..\RunOnce: [DelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online services
O4 - HKLM\..\RunOnce: [DelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\online services
O4 - HKLM\..\RunOnce: [Deldownloadtmp] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\msdownld.tmp
O4 - HKLM\..\RunOnce: [DelMacromeddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\Macromed
O4 - HKLM\..\RunOnce: [Delcatroot] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\catroot
O4 - HKLM\..\RunOnce: [DelOccache] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\occache
O4 - HKLM\..\RunOnce: [DelTrieditdir] rundll32.exe advpack.dll,DelNodeRunDLL32 \triedit
O4 - HKLM\..\RunOnce: [GDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\uninstall information
O4 - HKLM\..\RunOnce: [GDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\verlauf
O4 - HKLM\..\RunOnce: [GDelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\anwendungsdaten\microsoft\welcome
O4 - HKLM\..\RunOnce: [GDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online-dienste
O4 - HKLM\..\RunOnce: [GDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\online-dienste
O4 - HKLM\..\RunOnce: [SDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\uninstall information
O4 - HKLM\..\RunOnce: [SDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\tidigare
O4 - HKLM\..\RunOnce: [SDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\skrivbord\onlinetjänster
O4 - HKLM\..\RunOnce: [SDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\onlinetjänster
O4 - HKLM\..\RunOnce: [IDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\uninstall information
O4 - HKLM\..\RunOnce: [IDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cronologia
O4 - HKLM\..\RunOnce: [IDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\onlinetjänster
O4 - HKLM\..\RunOnce: [DDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historique
O4 - HKLM\..\RunOnce: [SpDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\archivos de programa\uninstall information
O4 - HKLM\..\RunOnce: [SpDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\escritorio\servicios en línea
O4 - HKLM\..\RunOnce: [SpDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historial
O4 - HKLM\..\RunOnce: [DaDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmer\uninstall information
O4 - HKLM\..\RunOnce: [DaDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\oversigt
O4 - HKLM\..\RunOnce: [PbDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\arquivos de programas\internet explorer
O4 - HKLM\..\RunOnce: [Step_3] RunDll32.exe advpack.dll,LaunchINFSection
C:\WINDOWS\INF\IErad.inf,Step_3
redemarre et refait un hijack
voila ce que ca donne, apres avoir lancer l'unistalle
Logfile of HijackThis v1.99.0
Scan saved at 21:52:43, on 13/02/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fujitsu NetCOBOL for Windows\COBATSVC.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\msexploren.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\nvsvca32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\thelvyn\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [ADSL_A2] A2Installed
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sBGE] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sssasas32] C:\WINDOWS\sssasas.exe32
O4 - HKLM\..\Run: [SheduIer] C:\WINDOWS\msexploren.exe /i
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzî[8C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [nvsvca32] C:\WINDOWS\nvsvca32.exe
O4 - HKLM\..\RunOnce: [DelIE4dir] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir2] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir3] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\internet explorer
O4 - HKLM\..\RunOnce: [DelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\uninstall information
O4 - HKLM\..\RunOnce: [DelCatrootdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\catroot
O4 - HKLM\..\RunOnce: [DelCookiesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cookies
O4 - HKLM\..\RunOnce: [DelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\history
O4 - HKLM\..\RunOnce: [DelDownloaddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\downloaded program files
O4 - HKLM\..\RunOnce: [DelSubscripdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\subscriptions
O4 - HKLM\..\RunOnce: [DelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\application data\microsoft\welcome
O4 - HKLM\..\RunOnce: [DelTempIFilesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\temporary internet files
O4 - HKLM\..\RunOnce: [DelJavadir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\java
O4 - HKLM\..\RunOnce: [DelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online services
O4 - HKLM\..\RunOnce: [DelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\online services
O4 - HKLM\..\RunOnce: [Deldownloadtmp] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\msdownld.tmp
O4 - HKLM\..\RunOnce: [DelMacromeddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\Macromed
O4 - HKLM\..\RunOnce: [Delcatroot] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\catroot
O4 - HKLM\..\RunOnce: [DelOccache] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\occache
O4 - HKLM\..\RunOnce: [DelTrieditdir] rundll32.exe advpack.dll,DelNodeRunDLL32 \triedit
O4 - HKLM\..\RunOnce: [GDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\uninstall information
O4 - HKLM\..\RunOnce: [GDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\verlauf
O4 - HKLM\..\RunOnce: [GDelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\anwendungsdaten\microsoft\welcome
O4 - HKLM\..\RunOnce: [GDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online-dienste
O4 - HKLM\..\RunOnce: [GDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\online-dienste
O4 - HKLM\..\RunOnce: [SDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\uninstall information
O4 - HKLM\..\RunOnce: [SDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\tidigare
O4 - HKLM\..\RunOnce: [SDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\skrivbord\onlinetjänster
O4 - HKLM\..\RunOnce: [SDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\onlinetjänster
O4 - HKLM\..\RunOnce: [IDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\uninstall information
O4 - HKLM\..\RunOnce: [IDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cronologia
O4 - HKLM\..\RunOnce: [IDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\onlinetjänster
O4 - HKLM\..\RunOnce: [DDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historique
O4 - HKLM\..\RunOnce: [SpDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\archivos de programa\uninstall information
O4 - HKLM\..\RunOnce: [SpDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\escritorio\servicios en línea
O4 - HKLM\..\RunOnce: [SpDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historial
O4 - HKLM\..\RunOnce: [DaDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmer\uninstall information
O4 - HKLM\..\RunOnce: [DaDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\oversigt
O4 - HKLM\..\RunOnce: [PbDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\arquivos de programas\internet explorer
O4 - HKLM\..\RunOnce: [Step_3] RunDll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\IErad.inf,Step_3
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFDB69F2-61FD-42E8-8BA2-44174EB649AE}: NameServer = 195.238.2.22 195.238.2.21
O23 - Service: COBOL Tool Attaching Service - FUJITSU LIMITED - C:\Program Files\Fujitsu NetCOBOL for Windows\COBATSVC.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet - Unknown - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe
Logfile of HijackThis v1.99.0
Scan saved at 21:52:43, on 13/02/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fujitsu NetCOBOL for Windows\COBATSVC.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\msexploren.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\nvsvca32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\thelvyn\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [ADSL_A2] A2Installed
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sBGE] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sssasas32] C:\WINDOWS\sssasas.exe32
O4 - HKLM\..\Run: [SheduIer] C:\WINDOWS\msexploren.exe /i
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzî[8C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [¢‰¸K0¨4W
}ïÁzîžigÝC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [¢‰¸K0Ô@ÔÁß]§ú"ü‰üžiC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\vipkscf.exe
O4 - HKLM\..\Run: [nvsvca32] C:\WINDOWS\nvsvca32.exe
O4 - HKLM\..\RunOnce: [DelIE4dir] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir2] rundll32.exe advpack.dll,DelNodeRunDLL32
O4 - HKLM\..\RunOnce: [DelIE4dir3] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\internet explorer
O4 - HKLM\..\RunOnce: [DelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\uninstall information
O4 - HKLM\..\RunOnce: [DelCatrootdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\catroot
O4 - HKLM\..\RunOnce: [DelCookiesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cookies
O4 - HKLM\..\RunOnce: [DelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\history
O4 - HKLM\..\RunOnce: [DelDownloaddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\downloaded program files
O4 - HKLM\..\RunOnce: [DelSubscripdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\subscriptions
O4 - HKLM\..\RunOnce: [DelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\application data\microsoft\welcome
O4 - HKLM\..\RunOnce: [DelTempIFilesdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\temporary internet files
O4 - HKLM\..\RunOnce: [DelJavadir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\java
O4 - HKLM\..\RunOnce: [DelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online services
O4 - HKLM\..\RunOnce: [DelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program files\online services
O4 - HKLM\..\RunOnce: [Deldownloadtmp] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\msdownld.tmp
O4 - HKLM\..\RunOnce: [DelMacromeddir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\Macromed
O4 - HKLM\..\RunOnce: [Delcatroot] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\System32\catroot
O4 - HKLM\..\RunOnce: [DelOccache] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\occache
O4 - HKLM\..\RunOnce: [DelTrieditdir] rundll32.exe advpack.dll,DelNodeRunDLL32 \triedit
O4 - HKLM\..\RunOnce: [GDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\uninstall information
O4 - HKLM\..\RunOnce: [GDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\verlauf
O4 - HKLM\..\RunOnce: [GDelWelcomedir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\anwendungsdaten\microsoft\welcome
O4 - HKLM\..\RunOnce: [GDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\desktop\online-dienste
O4 - HKLM\..\RunOnce: [GDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programme\online-dienste
O4 - HKLM\..\RunOnce: [SDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\uninstall information
O4 - HKLM\..\RunOnce: [SDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\tidigare
O4 - HKLM\..\RunOnce: [SDelOnlineServdesk] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\skrivbord\onlinetjänster
O4 - HKLM\..\RunOnce: [SDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\program\onlinetjänster
O4 - HKLM\..\RunOnce: [IDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\uninstall information
O4 - HKLM\..\RunOnce: [IDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\cronologia
O4 - HKLM\..\RunOnce: [IDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmi\onlinetjänster
O4 - HKLM\..\RunOnce: [DDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historique
O4 - HKLM\..\RunOnce: [SpDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\archivos de programa\uninstall information
O4 - HKLM\..\RunOnce: [SpDelOnlineServdir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\escritorio\servicios en línea
O4 - HKLM\..\RunOnce: [SpDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\historial
O4 - HKLM\..\RunOnce: [DaDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\programmer\uninstall information
O4 - HKLM\..\RunOnce: [DaDelHistorydir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\WINDOWS\oversigt
O4 - HKLM\..\RunOnce: [PbDelUninstalldir] rundll32.exe advpack.dll,DelNodeRunDLL32 C:\arquivos de programas\internet explorer
O4 - HKLM\..\RunOnce: [Step_3] RunDll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\IErad.inf,Step_3
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFDB69F2-61FD-42E8-8BA2-44174EB649AE}: NameServer = 195.238.2.22 195.238.2.21
O23 - Service: COBOL Tool Attaching Service - FUJITSU LIMITED - C:\Program Files\Fujitsu NetCOBOL for Windows\COBATSVC.exe
O23 - Service: Crypkey License - Unknown - crypserv.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau - Unknown - C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet - Unknown - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe
balltrap34
Messages postés
16240
Date d'inscription
jeudi 8 janvier 2004
Statut
Contributeur sécurité
Dernière intervention
28 novembre 2009
331
13 févr. 2005 à 22:05
13 févr. 2005 à 22:05
tu as cocher et fixer avant d utiliser le prog
salut,moi g le meme prob voila mon ijack d moi vitestp ja fait l uinstall.aide moi stp
Logfile of HijackThis v1.99.1
Scan saved at 23:08:04, on 17/03/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\MMTray.exe
C:\WINDOWS\System32\MMTray2k.exe
C:\WINDOWS\System32\MMTrayLSI.exe
C:\WINDOWS\System32\qttask.exe
C:\WINDOWS\System32\YPager.EXE
C:\WINDOWS\System32\MSDATLST.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\winampa.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\WINDOWS\system32\wscript.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\WINDOWS\System32\MSPRCSS32.exe
C:\Program Files\BulletProofSoft.com\SpywareRemover\Spyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\cjp\LOCALS~1\Temp\Rar$EX00.453\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oxhedmltvqaiab.org/TK_mp7XrvPDfdbgIxE7VP9CqKaL_1GY4L4vWs2mKxG2sPyzPbgwClG84tedF77dv.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/ymsgr6/fr/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tiscali.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/ymsgr6/fr/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/ymsgr6/fr/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: (no name) - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Yahoo Messenger] YPager.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Messenger] C:\WINDOWS\System32\winampa.exe
O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
O4 - HKLM\..\Run: [MS windows Data list process] MSDATLST.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\elitegiy32.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [yhcjgzwn] C:\WINDOWS\yhcjgzwn.exe
O4 - HKLM\..\Run: [MS Windows Process Class] MSPRCSS32.exe
O4 - HKLM\..\RunServices: [Yahoo Messenger] YPager.EXE
O4 - HKLM\..\RunServices: [MS windows Data list process] MSDATLST.exe
O4 - HKLM\..\RunServices: [MS Windows Process Class] MSPRCSS32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MS windows Data list process] MSDATLST.exe
O4 - HKCU\..\Run: [MS Windows Process Class] MSPRCSS32.exe
O4 - Startup: Deer Hunter 2005 Registration.lnk = C:\Program Files\Atari\Deer Hunter 2005\ATR1.EXE
O4 - Startup: Product Registration.lnk = C:\Program Files\Atari\Deer Hunter 2005\ATR1.EXE
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: v3cab - http://searchmiracle.com/cab/8.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D5953B-14E0-4D7B-9B54-053F96B32726}: NameServer = 213.36.80.1
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 23:08:04, on 17/03/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\MMTray.exe
C:\WINDOWS\System32\MMTray2k.exe
C:\WINDOWS\System32\MMTrayLSI.exe
C:\WINDOWS\System32\qttask.exe
C:\WINDOWS\System32\YPager.EXE
C:\WINDOWS\System32\MSDATLST.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\winampa.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\WINDOWS\system32\wscript.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\WINDOWS\System32\MSPRCSS32.exe
C:\Program Files\BulletProofSoft.com\SpywareRemover\Spyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\cjp\LOCALS~1\Temp\Rar$EX00.453\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oxhedmltvqaiab.org/TK_mp7XrvPDfdbgIxE7VP9CqKaL_1GY4L4vWs2mKxG2sPyzPbgwClG84tedF77dv.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/ymsgr6/fr/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tiscali.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://fr.rd.yahoo.com/customize/ie/defaults/sb/ymsgr6/fr/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/ymsgr6/fr/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaults/su/ymsgr6/fr/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: (no name) - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\System32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Yahoo Messenger] YPager.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Messenger] C:\WINDOWS\System32\winampa.exe
O4 - HKLM\..\Run: [TiscaliParam] C:\Program Files\Tiscali\Dialer\bootparam.exe
O4 - HKLM\..\Run: [MS windows Data list process] MSDATLST.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\elitegiy32.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [yhcjgzwn] C:\WINDOWS\yhcjgzwn.exe
O4 - HKLM\..\Run: [MS Windows Process Class] MSPRCSS32.exe
O4 - HKLM\..\RunServices: [Yahoo Messenger] YPager.EXE
O4 - HKLM\..\RunServices: [MS windows Data list process] MSDATLST.exe
O4 - HKLM\..\RunServices: [MS Windows Process Class] MSPRCSS32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MS windows Data list process] MSDATLST.exe
O4 - HKCU\..\Run: [MS Windows Process Class] MSPRCSS32.exe
O4 - Startup: Deer Hunter 2005 Registration.lnk = C:\Program Files\Atari\Deer Hunter 2005\ATR1.EXE
O4 - Startup: Product Registration.lnk = C:\Program Files\Atari\Deer Hunter 2005\ATR1.EXE
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: v3cab - http://searchmiracle.com/cab/8.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c267.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D5953B-14E0-4D7B-9B54-053F96B32726}: NameServer = 213.36.80.1
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
balltrap34
Messages postés
16240
Date d'inscription
jeudi 8 janvier 2004
Statut
Contributeur sécurité
Dernière intervention
28 novembre 2009
331
17 mars 2005 à 23:56
17 mars 2005 à 23:56
salut
Faites votre propre message ne le faites pas sur le message d’un autre
sinon on sait plus ou on en est.
pour cela
tu clique sur écrire nouveaux message en haut de cette page
et donne des detail sur tes problemes stp
Faites votre propre message ne le faites pas sur le message d’un autre
sinon on sait plus ou on en est.
pour cela
tu clique sur écrire nouveaux message en haut de cette page
et donne des detail sur tes problemes stp