Help, I have the MSN virus
Mart2inee
Hello,
I have been infected with the MSN virus, I don't know how. I was already infected a few months ago and had to reset my computer. I used MSNFix and it finds nothing.
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:57, on 25/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Martine\Application Data\Helpfiles\winlogon.exe
C:\Documents and Settings\Martine\Application Data\WinNT\winlogon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\Philips\SPC220NC\Monitor.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Philips\Philips SPC220NC Webcam\TrayMin220.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=cooxer&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://melanthios-ana.com/zcvisitor/1624d318-3614-11eb-87b9-12a1ab6c324d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=47f83760-f118-11ea-9bc8-0ac2bbf4ada7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaz1.dll
O1 - Hosts: 176.34.116.67 anubis.iseclab.org
O1 - Hosts: 82.115.191.219 www.threatexpert.com
O1 - Hosts: 207.184.189.188 threatexpert.com
O1 - Hosts: 83.127.105.183 cwsandbox.org
O1 - Hosts: 160.99.245.144 www.cwsandbox.org
O1 - Hosts: 65.43.228.126 u20.eset.com
O1 - Hosts: 151.73.244.12 u21.eset.com
O1 - Hosts: 69.151.38.25 u22.eset.com
O1 - Hosts: 103.109.81.4 u23.eset.com
O1 - Hosts: 133.4.241.195 u24.eset.com
O1 - Hosts: 68.64.170.228 u30.eset.com
O1 - Hosts: 175.198.177.201 u31.eset.com
O1 - Hosts: 53.8.12.19 u32.eset.com
O1 - Hosts: 22.154.226.141 u33.eset.com
O1 - Hosts: 119.146.212.25 u34.eset.com
O1 - Hosts: 85.184.131.91 u35.eset.com
O1 - Hosts: 240.187.62.171 u36.eset.com
O1 - Hosts: 19.204.31.25 u37.eset.com
O1 - Hosts: 177.65.100.247 u38.eset.com
O1 - Hosts: 73.40.226.62 u39.eset.com
O1 - Hosts: 8.102.230.196 u40.eset.com
O1 - Hosts: 26.212.197.23 u41.eset.com
O1 - Hosts: 161.105.22.228 u42.eset.com
O1 - Hosts: 193.237.185.222 u43.eset.com
O1 - Hosts: 62.72.52.241 u44.eset.com
O1 - Hosts: 141.81.251.45 u45.eset.com
O1 - Hosts: 114.211.67.98 u46.eset.com
O1 - Hosts: 104.21.97.41 u47.eset.com
O1 - Hosts: 252.20.221.233 u48.eset.com
O1 - Hosts: 112.216.66.21 u49.eset.com
O1 - Hosts: 161.1.48.37 f-secure.com
O1 - Hosts: 39.227.241.35 symantec.com
O1 - Hosts: 163.129.109.161 127.99.45.207
O1 - Hosts: 41.11.191.160 virusscan.jotti.org
O1 - Hosts: 216.216.16.86 acc.pdbox.co.kr
O1 - Hosts: 223.155.148.83 pcsafe.hanafos.com
O1 - Hosts: 229.189.226.40 viruschaser.com
O1 - Hosts: 196.58.211.119 www.viruschaser.com
O1 - Hosts: 190.230.38.235 v.chol.com
O1 - Hosts: 201.138.160.214 securitycenter.co.kr
O1 - Hosts: 20.157.233.212 www.securitycenter.co.kr
O1 - Hosts: 199.176.93.117 sandbox.norman.com
O1 - Hosts: 210.2.246.116 norman.com
O1 - Hosts: 194.57.48.74 sandbox.norman.no
O1 - Hosts: 254.4.17.131 norman.no
O1 - Hosts: 251.53.233.215 www.norman.no
O1 - Hosts: 76.198.111.88 kaspersky.pl
O1 - Hosts: 5.227.37.31 www.kaspersky.pl
O1 - Hosts: 232.225.82.96 www.kaspersky.telechargement.fr
O1 - Hosts: 214.205.107.197 kaspersky.telechargement.fr
O1 - Hosts: 216.104.174.107 kaspersky.de
O1 - Hosts: 111.192.222.128 www.kaspersky.de
O1 - Hosts: 93.202.90.64 kaspersky.co.nz
O1 - Hosts: 139.146.119.217 www.kaspersky.co.nz
O1 - Hosts: 240.254.221.4 kaspersky-antivirus.dk
O1 - Hosts: 225.51.87.188 www.kaspersky-antivirus.dk
O1 - Hosts: 211.2.194.249 kaspersky-me.com
O1 - Hosts: 247.19.36.216 www.kaspersky-me.com
O1 - Hosts: 164.157.254.2 kaspersky.co.uk
O1 - Hosts: 136.214.118.81 www.kaspersky.co.uk
O1 - Hosts: 139.9.230.250 kaspersky.com.au
O1 - Hosts: 237.94.93.63 www.kaspersky.com.au
O1 - Hosts: 241.89.58.100 www.kasperskyusa.com
O1 - Hosts: 45.21.98.0 kasperskyusa.com
O1 - Hosts: 209.51.51.88 agnitum.com
O1 - Hosts: 131.153.51.85 www.agnitum.com
O1 - Hosts: 13.99.177.212 smb.sygate.com
O1 - Hosts: 138.176.200.216 vic.zonelabs.com
O1 - Hosts: 217.49.114.87 download.zonelabs.com
O1 - Hosts: 105.138.169.185 zonelabs.com
O1 - Hosts: 56.17.207.189 www.zonelabs.com
O1 - Hosts: 152.88.55.78 freebyte.com
O1 - Hosts: 133.33.31.134 www.freebyte.com
O1 - Hosts: 178.46.137.244 www.bitdefender.com
O1 - Hosts: 14.113.149.84 bitdefender.com
O1 - Hosts: 218.182.101.196 www.virus-radar.com
O1 - Hosts: 60.36.184.73 virus-radar.com
O1 - Hosts: 43.63.176.139 www.nod32.com
O1 - Hosts: 82.216.110.45 nod32.com
O1 - Hosts: 184.2.9.161 avg-antivirus.net
O1 - Hosts: 180.104.10.102 www.avg-antivirus.net
O1 - Hosts: 196.243.251.70 vet.com.au
O1 - Hosts: 193.136.163.89 www.vet.com.au
O1 - Hosts: 74.188.254.27 avgbulgaria.com
O1 - Hosts: 196.85.136.142 www.avgbulgaria.com
O1 - Hosts: 238.213.232.31 windowsupdate.microsoft.com
O1 - Hosts: 135.199.81.134 update.microsoft.com
O1 - Hosts: 200.156.118.170 virusbtn.com
O1 - Hosts: 90.182.41.237 www.virusbtn.com
O1 - Hosts: 117.9.185.65 drsolomon.com
O1 - Hosts: 231.245.156.111 www.drsolomon.com
O1 - Hosts: 64.69.139.107 teamanti-virus.org
O1 - Hosts: 168.92.14.174 www.teamanti-virus.org
O1 - Hosts: 228.31.24.214 virustotal.com
O1 - Hosts: 98.22.202.158 www.virustotal.com
O1 - Hosts: 81.193.237.218 microsoft.com
O1 - Hosts: 59.71.40.31 www.microsoft.com
O1 - Hosts: 133.67.41.53 www.cert.org
O1 - Hosts: 95.132.175.239 cert.org
O1 - Hosts: 125.253.41.43 avast.com
O1 - Hosts: 49.150.94.234 www.avast.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Skyrock Toolbar - {A057A204-BACC-4D26-969A-2AB983EE729B} - C:\PROGRA~1\SKYROC~1\SKYROC~1.DLL
O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaz1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaz1.dll
O3 - Toolbar: Skyrock Toolbar - {A057A204-BACC-4D26-969A-2AB983EE729B} - C:\PROGRA~1\SKYROC~1\SKYROC~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\Philips\SPC220NC\Monitor.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [systme] C:\WINDOWS\system32\supar.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKLM\..\Policies\Explorer\Run: [Windows Logon Service] "C:\Documents and Settings\Martine\Application Data\Helpfiles\winlogon.exe"
O4 - HKLM\..\Policies\Explorer\Run: [Windows Logon Servicer] "C:\Documents and Settings\Martine\Application Data\WinNT\winlogon.exe"
O4 - HKCU\..\Policies\Explorer\Run: [Windows Logon Service] "C:\Documents and Settings\Martine\Application Data\Helpfiles\winlogon.exe"
O4 - HKCU\..\Policies\Explorer\Run: [Windows Logon Servicer] "C:\Documents and Settings\Martine\Application Data\WinNT\winlogon.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Global Startup: TrayMin220.lnk = ?
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Service Google Update (gupdate1c9dd6aca55b53a) (gupdate1c9dd6aca55b53a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
52 replies
Yes, but there is a legitimate Windows file with the same name.
Is the one you're talking about located in C:\_OTM?