Un ptit renseignement(hijack)
regis59
-
balltrap34 Messages postés 16241 Statut Contributeur sécurité -
balltrap34 Messages postés 16241 Statut Contributeur sécurité -
Bonjour excusez moi de vs deranger, que me proposer vous a fixer sur ce log svp??j espere vous aurez le temps de me repondre merci !
Logfile of HijackThis v1.99.1
Scan saved at 21:49:19, on 27/03/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCIOMON.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCPFW.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\WINAMP3\WINAMPA.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCGUIDE.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCCLIENT.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\POP3TRAP.EXE
C:\PROGRAM FILES\E-CARTE BLEUE\BANQUE POPULAIRE\ECB-BP.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\TECHCITY SOLUTIONS\AOLSAV\AOLAGENT.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\ACS\AOLDIAL.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\WEBTRAP.EXE
C:\PROGRAM FILES\CREATIVE\SHARED FILES\CAMTRAY.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
C:\WINDOWS\SYSTEM\E_S5I0E1.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\FR\MSNAPPAU.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\DRAGDIAG.EXE
C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\PROGRAM FILES\AOL 9.0A\WAOL.EXE
C:\PROGRAM FILES\AOL 9.0A\SHELLMON.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\AOLTPSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\MES DOCUMENTS\OFFICE ONE ZIP\HIJACKTHIS_199\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.aol.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\SYSTEM\BHOECART.DLL
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [Xanadu] C:\Program Files\Foreignword\Xanadu\Xanadu.exe
O4 - HKLM\..\Run: [Wintim'In Start] C:\Program Files\Accessoires\wintimi6.exe /CTRL
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe"
O4 - HKLM\..\Run: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe"
O4 - HKLM\..\Run: [eCarteBleue-BP] "C:\PROGRA~1\E-CART~1\BANQUE~1\ECB-BP.exe" /dontopenmycards
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAGENT.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\FICHIE~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\SYSTEM\E_S5I0E1.EXE /P26 "EPSON Stylus CX6600 Series" /O5 "LPT1:" /M "Stylus CX6600"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [OOUSERV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\PROGRAM\OOUSERV6.EXE
O4 - HKLM\..\Run: [OOPDFSETTINGSV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE
O4 - HKLM\..\Run: [BOOT] C:\PROGRAM FILES\ISSENDIS\ISSENDIS WEBUPDATE V6\ISSENDISWEBUPDATEV6.EXE /BOOT
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PCCPFW] C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\ACS\AOLACSD.EXE"
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Pense-Bête] C:\PROGRAM FILES\PENSE-BETE\Pensbet76.exe
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe"
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O16 - DPF: {D670D0B3-05AB-4115-9F87-D983EF1AC747} (AOL Downloader Plugin) - http://photos02.aol.fr/ygp/aol/plugin/download/YGPPicDownload.fr-FR.9.1.6.18.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
Logfile of HijackThis v1.99.1
Scan saved at 21:49:19, on 27/03/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCIOMON.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCPFW.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\WINAMP3\WINAMPA.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCGUIDE.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\PCCCLIENT.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\POP3TRAP.EXE
C:\PROGRAM FILES\E-CARTE BLEUE\BANQUE POPULAIRE\ECB-BP.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\TECHCITY SOLUTIONS\AOLSAV\AOLAGENT.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\ACS\AOLDIAL.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 9\WEBTRAP.EXE
C:\PROGRAM FILES\CREATIVE\SHARED FILES\CAMTRAY.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
C:\WINDOWS\SYSTEM\E_S5I0E1.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\FR\MSNAPPAU.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\DRAGDIAG.EXE
C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\PROGRAM FILES\AOL 9.0A\WAOL.EXE
C:\PROGRAM FILES\AOL 9.0A\SHELLMON.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\AOLTPSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\MES DOCUMENTS\OFFICE ONE ZIP\HIJACKTHIS_199\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.aol.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\SYSTEM\BHOECART.DLL
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [Xanadu] C:\Program Files\Foreignword\Xanadu\Xanadu.exe
O4 - HKLM\..\Run: [Wintim'In Start] C:\Program Files\Accessoires\wintimi6.exe /CTRL
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 9\pccguide.exe"
O4 - HKLM\..\Run: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 9\Pop3trap.exe"
O4 - HKLM\..\Run: [eCarteBleue-BP] "C:\PROGRA~1\E-CART~1\BANQUE~1\ECB-BP.exe" /dontopenmycards
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAGENT.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\FICHIE~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\SYSTEM\E_S5I0E1.EXE /P26 "EPSON Stylus CX6600 Series" /O5 "LPT1:" /M "Stylus CX6600"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [OOUSERV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\PROGRAM\OOUSERV6.EXE
O4 - HKLM\..\Run: [OOPDFSETTINGSV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE
O4 - HKLM\..\Run: [BOOT] C:\PROGRAM FILES\ISSENDIS\ISSENDIS WEBUPDATE V6\ISSENDISWEBUPDATEV6.EXE /BOOT
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 9\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PCCPFW] C:\Program Files\Trend Micro\PC-cillin 9\PCCPFW.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\ACS\AOLACSD.EXE"
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Pense-Bête] C:\PROGRAM FILES\PENSE-BETE\Pensbet76.exe
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe"
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O16 - DPF: {D670D0B3-05AB-4115-9F87-D983EF1AC747} (AOL Downloader Plugin) - http://photos02.aol.fr/ygp/aol/plugin/download/YGPPicDownload.fr-FR.9.1.6.18.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
A voir également:
- Un ptit renseignement(hijack)
- Hijack this - Télécharger - Antivirus & Antimalwares
- Audio hijack pro - Télécharger - Création musicale
- Virus hijack proxy ✓ - Forum Virus
- Renseignement 1fichier ✓ - Forum Réseaux sociaux
- Renseignement Smartbox - Forum Consommation & Internet
6 réponses
vous en pensez quoi ?cela a fixer?
C:\PROGRAM FILES\E-CARTE BLEUE\BANQUE POPULAIRE\ECB-BP.EXE - Inconnu
C:\PROGRAM FILES\TECHCITY SOLUTIONS\AOLSAV\AOLAGENT.EXE - Inconnu
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE - Inconnu
C:\WINDOWS\SYSTEM\E_S5I0E1.EXE - Inconnu
C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE - Inconnu
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL - Méchant
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL - Inconnu
O4 - HKLM\..\Run: [Wintim'In Start] C:\Program Files\Accessoires\wintimi6.exe /CTRL - Inconnu
O4 - HKLM\..\Run: [eCarteBleue-BP] "C:\PROGRA~1\E-CART~1\BANQUE~1\ECB-BP.exe" /dontopenmycards - Inconnu
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE - Méchant
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain - Inconnu
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAGENT.EXE - Inconnu
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\SYSTEM\E_S5I0E1.EXE /P26 "EPSON Stylus CX6600 Series" /O5 "LPT1:" /M "Stylus CX6600" - Inconnu
O4 - HKLM\..\Run: [OOUSERV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\PROGRAM\OOUSERV6.EXE - Eventuellement méchant
O4 - HKLM\..\Run: [OOPDFSETTINGSV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE - Eventuellement méchant
O4 - HKLM\..\Run: [BOOT] C:\PROGRAM FILES\ISSENDIS\ISSENDIS WEBUPDATE V6\ISSENDISWEBUPDATEV6.EXE /BOOT - Inconnu
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY - Inconnu
8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm - Méchant
O8 - Extra context menu item: Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML - Méchant
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE - Eventuellement méchant
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing) - Eventuellement méchant
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab - Eventuellement méchant
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab - Méchant
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net - Eventuellement méchant
C:\PROGRAM FILES\E-CARTE BLEUE\BANQUE POPULAIRE\ECB-BP.EXE - Inconnu
C:\PROGRAM FILES\TECHCITY SOLUTIONS\AOLSAV\AOLAGENT.EXE - Inconnu
C:\PROGRAM FILES\FICHIERS COMMUNS\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE - Inconnu
C:\WINDOWS\SYSTEM\E_S5I0E1.EXE - Inconnu
C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE - Inconnu
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL - Méchant
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\PROGRAM FILES\EPSON\EPSON WEB-TO-PAGE\EPSON WEB-TO-PAGE.DLL - Inconnu
O4 - HKLM\..\Run: [Wintim'In Start] C:\Program Files\Accessoires\wintimi6.exe /CTRL - Inconnu
O4 - HKLM\..\Run: [eCarteBleue-BP] "C:\PROGRA~1\E-CART~1\BANQUE~1\ECB-BP.exe" /dontopenmycards - Inconnu
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE - Méchant
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngineMain - Inconnu
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAGENT.EXE - Inconnu
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\SYSTEM\E_S5I0E1.EXE /P26 "EPSON Stylus CX6600 Series" /O5 "LPT1:" /M "Stylus CX6600" - Inconnu
O4 - HKLM\..\Run: [OOUSERV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\PROGRAM\OOUSERV6.EXE - Eventuellement méchant
O4 - HKLM\..\Run: [OOPDFSETTINGSV6.EXE] C:\PROGRAM FILES\OFFICE ONE6.5\OFFICE ONE PDF MANAGER\OOPDFSETTINGSV6.EXE - Eventuellement méchant
O4 - HKLM\..\Run: [BOOT] C:\PROGRAM FILES\ISSENDIS\ISSENDIS WEBUPDATE V6\ISSENDISWEBUPDATEV6.EXE /BOOT - Inconnu
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY - Inconnu
8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm - Méchant
O8 - Extra context menu item: Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML - Méchant
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE - Eventuellement méchant
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing) - Eventuellement méchant
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab - Eventuellement méchant
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.8.cab - Méchant
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net - Eventuellement méchant
salut regis
ne te fie pas au robot il te fait virer des choses qu il ne faut pas
ex
barre aol
copernic et j en passe
ne te fie pas au robot il te fait virer des choses qu il ne faut pas
ex
barre aol
copernic et j en passe
ok jte remercie balltrap a ton avis si je fix cela ca va?
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe"
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSe tup
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing)
1.0.0.8.cab
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe"
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSe tup
O9 - Extra button: Xanadu - {5CC384BB-1326-11D5-F4AE-00C04923F885} - C:\Program Files\Foreignword\Xanadu\XanaduLaunch.exe (file missing)
1.0.0.8.cab
pas celle ci
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
celle ci si tu as copernic et aol ne les suppr pas
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
celle ci tu peut la fix juste pour quelle ne soit pas au demarrage
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe"
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
celle ci si tu as copernic et aol ne les suppr pas
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
celle ci tu peut la fix juste pour quelle ne soit pas au demarrage
O4 - HKCU\..\Run: [dlmMgr] "C:\Program Files\Fichiers communs\Adobe\ESD\AdobeDownloadManager.exe"
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question