Help ! Web site viewer - 125788
alexia
Hello,
I have a virus that I can't manage to remove, despite Norton AntiVirus and despite my attempt to delete files in safe mode.
As soon as I turn on my PC, a Sex icon appears, with the following properties:
"C:\Program Files\WebSiteViewer\125788.exe" /ac:125788 /sk:tte /lc: /ul
I ran HijackThis and here is the resulting log:
Logfile of HijackThis v1.99.1
Scan saved at 17:53:08, on 25/04/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\inetm\winlogon.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\System32\ICO.EXE
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\windows\system32\xctjba.exe
C:\WINDOWS\System32\dstart4.exe
C:\WINDOWS\System32\g1ougtm59rjo2wthd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\packager.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\WebSiteViewer\125788.dlr
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Alexia\Local Settings\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe
C:\WINDOWS\explorer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://letgohome.com/hp.htm?id=9
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://letgohome.com/hp.htm?id=9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Alexia\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://letgohome.com/hp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=C:\WINDOWS\inetm\winlogon.exe
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\System32\W8C6S4~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Alexia\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inetm\winlogon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [xctjba] c:\windows\system32\xctjba.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Windows Service] C:\WINDOWS\System32\dstart4.exe
O4 - HKLM\..\Run: [Control handler] C:\WINDOWS\System32\g1ougtm59rjo2wthd.exe
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKLM\..\RunServices: [Microsoft Update] vpc32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Update] vpc32.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inetm\winlogon.exe
O4 - HKCU\..\Run: [Windows Service] C:\WINDOWS\System32\dstart4.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Microsoft AntiSpyware helper - {04A8840B-559F-4C96-A659-FC64EA7EC15C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {04A8840B-559F-4C96-A659-FC64EA7EC15C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2532A16E-B971-4C04-856B-1AD671F9BB0C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2532A16E-B971-4C04-856B-1AD671F9BB0C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2A1A5263-38AD-45F9-A6FA-8E1ECF817C8B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2A1A5263-38AD-45F9-A6FA-8E1ECF817C8B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {39EC9863-9EA6-4732-B527-A4949E7106FB} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {39EC9863-9EA6-4732-B527-A4949E7106FB} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {4A6C7709-14D4-4FF6-9EC6-871D7EDFD83C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {4A6C7709-14D4-4FF6-9EC6-871D7EDFD83C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {51B0C3FE-5705-4F6F-947B-8569273E6C23} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {51B0C3FE-5705-4F6F-947B-8569273E6C23} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {843C3EA6-EDBF-49C7-B01B-EABFCD17180A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {843C3EA6-EDBF-49C7-B01B-EABFCD17180A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {BD1162A6-2303-4118-8703-0746D3AB1FBA} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {BD1162A6-2303-4118-8703-0746D3AB1FBA} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D92C6325-0FD4-4782-B5C0-68F7BA00AC51} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D92C6325-0FD4-4782-B5C0-68F7BA00AC51} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DD9A1475-9457-455A-A609-62B9941A4F7E} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DD9A1475-9457-455A-A609-62B9941A4F7E} - (no file) (HKCU)
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: http://*.windupdates.com
O15 - Trusted Zone: http://*.xxxtoolbar.com
O16 - DPF: {09B3B999-D2C9-6D30-D7BA-69F309B242A0} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0BAF88C5-5879-10F5-9C00-38906EF07426} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0E4BE15A-A3E2-54AC-AA71-6BC3345DE5EA} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0F1D0C38-817E-1839-6A71-2A43552181E6} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://bin.wordsx.cc/8Vt0BgjOGTUcy0hMTuFD.chm::/on-line.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {1B7BA5E2-E291-0422-2217-29AB54976BBC} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {24F847D2-AE36-5353-9F5F-2F920DC397E2} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {31F5C23D-D030-7A3D-2643-2D502FBA0AF1} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {3B2EEE0D-C8D7-2761-783C-10A418119C0D} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {3B3B43C6-A1C1-0B58-227C-6AE90EECF307} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {3FF96E37-F0D3-2721-5982-4BBE1F0D169A} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {55357305-031E-4AC1-29DB-70920B29DA6A} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/010ad8a20a13e0a78a19/netzip/RdxIE601_fr.cab
O16 - DPF: {5901D877-6234-2290-465E-66943F3AB257} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {5C16899B-975D-1D29-2A79-76DB4BBE4B43} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {6756932F-260C-45DC-4242-117A18FB4F04} - http://69.50.182.94/1/rdgFR1862.exe
O16 - DPF: {6D95A08F-38AB-5968-4DE7-3B851E34C8E4} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {709751B9-540E-7168-19EF-2D835A51D565} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {71E08237-135E-3E78-AA9A-0C6119F1E969} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab
O18 - Filter: text/html - {F7F8E192-30F5-4CC1-85EA-4A5009EC0FC6} - C:\WINDOWS\System32\dhoh.dll
O18 - Filter: text/plain - {F7F8E192-30F5-4CC1-85EA-4A5009EC0FC6} - C:\WINDOWS\System32\dhoh.dll
O20 - AppInit_DLLs: i9vy2js65ptkexdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\sony shared\vaio media platform\UPnPFramework.exe
Thank you for your help!
J'ai un virus que je n'arrive pas à supprimer malgré Norton Anti Virrus et malgrès ma tentative de suppression de fichiers sous un mode sans échec.
Dés que j'allume mon PC, une Icone Sex s'affiche avec comme propriétés :
"C:\Program Files\WebSiteViewer\125788.exe" /ac:125788 /sk:tte /lc: /ul
J'ai lancé Hijackthis et voici le résultat du log
Logfile of HijackThis v1.99.1
Scan saved at 17:53:08, on 25/04/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\inetm\winlogon.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\System32\ICO.EXE
C:\Program Files\sony\vaio power management\SPMgr.exe
C:\Program Files\sony\vaio update 2\VAIOUpdt.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\windows\system32\xctjba.exe
C:\WINDOWS\System32\dstart4.exe
C:\WINDOWS\System32\g1ougtm59rjo2wthd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\packager.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\WebSiteViewer\125788.dlr
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Alexia\Local Settings\Temp\Répertoire temporaire 2 pour hijackthis.zip\HijackThis.exe
C:\WINDOWS\explorer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://letgohome.com/hp.htm?id=9
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://letgohome.com/hp.htm?id=9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Alexia\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://letgohome.com/hp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=C:\WINDOWS\inetm\winlogon.exe
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\System32\W8C6S4~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\sony\vaio power management\SPMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Alexia\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inetm\winlogon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [xctjba] c:\windows\system32\xctjba.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Windows Service] C:\WINDOWS\System32\dstart4.exe
O4 - HKLM\..\Run: [Control handler] C:\WINDOWS\System32\g1ougtm59rjo2wthd.exe
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKLM\..\RunServices: [Microsoft Update] vpc32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Update] vpc32.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inetm\winlogon.exe
O4 - HKCU\..\Run: [Windows Service] C:\WINDOWS\System32\dstart4.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Microsoft AntiSpyware helper - {04A8840B-559F-4C96-A659-FC64EA7EC15C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {04A8840B-559F-4C96-A659-FC64EA7EC15C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2532A16E-B971-4C04-856B-1AD671F9BB0C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2532A16E-B971-4C04-856B-1AD671F9BB0C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2A1A5263-38AD-45F9-A6FA-8E1ECF817C8B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2A1A5263-38AD-45F9-A6FA-8E1ECF817C8B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {39EC9863-9EA6-4732-B527-A4949E7106FB} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {39EC9863-9EA6-4732-B527-A4949E7106FB} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {4A6C7709-14D4-4FF6-9EC6-871D7EDFD83C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {4A6C7709-14D4-4FF6-9EC6-871D7EDFD83C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {51B0C3FE-5705-4F6F-947B-8569273E6C23} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {51B0C3FE-5705-4F6F-947B-8569273E6C23} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {843C3EA6-EDBF-49C7-B01B-EABFCD17180A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {843C3EA6-EDBF-49C7-B01B-EABFCD17180A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {BD1162A6-2303-4118-8703-0746D3AB1FBA} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {BD1162A6-2303-4118-8703-0746D3AB1FBA} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D92C6325-0FD4-4782-B5C0-68F7BA00AC51} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D92C6325-0FD4-4782-B5C0-68F7BA00AC51} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DD9A1475-9457-455A-A609-62B9941A4F7E} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DD9A1475-9457-455A-A609-62B9941A4F7E} - (no file) (HKCU)
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: http://*.windupdates.com
O15 - Trusted Zone: http://*.xxxtoolbar.com
O16 - DPF: {09B3B999-D2C9-6D30-D7BA-69F309B242A0} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0BAF88C5-5879-10F5-9C00-38906EF07426} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0E4BE15A-A3E2-54AC-AA71-6BC3345DE5EA} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0F1D0C38-817E-1839-6A71-2A43552181E6} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://bin.wordsx.cc/8Vt0BgjOGTUcy0hMTuFD.chm::/on-line.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {1B7BA5E2-E291-0422-2217-29AB54976BBC} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {24F847D2-AE36-5353-9F5F-2F920DC397E2} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {31F5C23D-D030-7A3D-2643-2D502FBA0AF1} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {3B2EEE0D-C8D7-2761-783C-10A418119C0D} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {3B3B43C6-A1C1-0B58-227C-6AE90EECF307} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {3FF96E37-F0D3-2721-5982-4BBE1F0D169A} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {55357305-031E-4AC1-29DB-70920B29DA6A} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/010ad8a20a13e0a78a19/netzip/RdxIE601_fr.cab
O16 - DPF: {5901D877-6234-2290-465E-66943F3AB257} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {5C16899B-975D-1D29-2A79-76DB4BBE4B43} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {6756932F-260C-45DC-4242-117A18FB4F04} - http://69.50.182.94/1/rdgFR1862.exe
O16 - DPF: {6D95A08F-38AB-5968-4DE7-3B851E34C8E4} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {709751B9-540E-7168-19EF-2D835A51D565} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {71E08237-135E-3E78-AA9A-0C6119F1E969} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab
O18 - Filter: text/html - {F7F8E192-30F5-4CC1-85EA-4A5009EC0FC6} - C:\WINDOWS\System32\dhoh.dll
O18 - Filter: text/plain - {F7F8E192-30F5-4CC1-85EA-4A5009EC0FC6} - C:\WINDOWS\System32\dhoh.dll
O20 - AppInit_DLLs: i9vy2js65ptkexdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\sony\photo server\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Fichiers communs\sony shared\vaio media platform\UPnPFramework.exe
Thanks for your help!
2 replies
Hi
End these tasks and delete the exe files
C:\WINDOWS\inetm\winlogon.exe<<<<MANDATORY
C:\windows\system32\xctjba.exe<<<<SUSPICIOUS
C:\WINDOWS\System32\dstart4.exe<<<< "
C:\WINDOWS\System32\g1ougtm59rjo2wthd.exe<<<< "
C:\windows\system32\packager.exe<<<< "
C:\Program Files\WebSiteViewer\125788.dlr<<IF UNKNOWN
Then check and fix these lines
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://letgohome.com/hp.htm?id=9
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://letgohome.com/hp.htm?id=9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Alexia\LOCALS~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://letgohome.com/hp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://letgohome.com/sp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\System32\W8C6S4~1.DLL
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inetm\winlogon.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\RunServices: [Microsoft Update] vpc32.exe
O4 - HKCU\..\Run: [Microsoft Update] vpc32.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inetm\winlogon.exe
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Microsoft AntiSpyware helper - {04A8840B-559F-4C96-A659-FC64EA7EC15C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {04A8840B-559F-4C96-A659-FC64EA7EC15C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2532A16E-B971-4C04-856B-1AD671F9BB0C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2532A16E-B971-4C04-856B-1AD671F9BB0C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {2A1A5263-38AD-45F9-A6FA-8E1ECF817C8B} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {2A1A5263-38AD-45F9-A6FA-8E1ECF817C8B} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {39EC9863-9EA6-4732-B527-A4949E7106FB} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {39EC9863-9EA6-4732-B527-A4949E7106FB} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {4A6C7709-14D4-4FF6-9EC6-871D7EDFD83C} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {4A6C7709-14D4-4FF6-9EC6-871D7EDFD83C} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {51B0C3FE-5705-4F6F-947B-8569273E6C23} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {51B0C3FE-5705-4F6F-947B-8569273E6C23} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {843C3EA6-EDBF-49C7-B01B-EABFCD17180A} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {843C3EA6-EDBF-49C7-B01B-EABFCD17180A} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {BD1162A6-2303-4118-8703-0746D3AB1FBA} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {BD1162A6-2303-4118-8703-0746D3AB1FBA} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D92C6325-0FD4-4782-B5C0-68F7BA00AC51} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D92C6325-0FD4-4782-B5C0-68F7BA00AC51} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {DD9A1475-9457-455A-A609-62B9941A4F7E} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {DD9A1475-9457-455A-A609-62B9941A4F7E} - (no file) (HKCU)
O15 - Trusted Zone: http://*.windupdates.com
O15 - Trusted Zone: http://*.xxxtoolbar.com
O16 - DPF: {09B3B999-D2C9-6D30-D7BA-69F309B242A0} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0BAF88C5-5879-10F5-9C00-38906EF07426} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0E4BE15A-A3E2-54AC-AA71-6BC3345DE5EA} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {0F1D0C38-817E-1839-6A71-2A43552181E6} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://bin.wordsx.cc/8Vt0BgjOGTUcy0hMTuFD.chm::/on-line.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {1B7BA5E2-E291-0422-2217-29AB54976BBC} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {24F847D2-AE36-5353-9F5F-2F920DC397E2} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {31F5C23D-D030-7A3D-2643-2D502FBA0AF1} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {3B2EEE0D-C8D7-2761-783C-10A418119C0D} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {3B3B43C6-A1C1-0B58-227C-6AE90EECF307} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {3FF96E37-F0D3-2721-5982-4BBE1F0D169A} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {55357305-031E-4AC1-29DB-70920B29DA6A} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/010ad8a20a13e0a78a19/netzip/RdxIE601_fr.cab
O16 - DPF: {5901D877-6234-2290-465E-66943F3AB257} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {5C16899B-975D-1D29-2A79-76DB4BBE4B43} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {6756932F-260C-45DC-4242-117A18FB4F04} - http://69.50.182.94/1/rdgFR1862.exe
O16 - DPF: {6D95A08F-38AB-5968-4DE7-3B851E34C8E4} - http://69.50.182.94/1/rdgFR896.exe
O16 - DPF: {709751B9-540E-7168-19EF-2D835A51D565} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {71E08237-135E-3E78-AA9A-0C6119F1E969} - http://69.50.182.94/1/gdnFR896.exe
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab
O18 - Filter: text/html - {F7F8E192-30F5-4CC1-85EA-4A5009EC0FC6} - C:\WINDOWS\System32\dhoh.dll
O18 - Filter: text/plain - {F7F8E192-30F5-4CC1-85EA-4A5009EC0FC6} - C:\WINDOWS\System32\dhoh.dll
O20 - AppInit_DLLs: i9vy2js65ptkexdll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\vaio media platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Fichiers communs\sony shared\vaio media platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
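Added example (not part of the original thread, and not the responder's own method): a small Python triage pass over HijackThis lines of the kind marked for fixing above. The heuristics, the `SYSTEM_NAMES` subset and the O20 sample line are assumptions made for illustration; the other sample lines are copied from the log on this page, and every hit is a prompt for manual review, not a verdict.

```python
import re
from urllib.parse import urlparse

# Process names that Windows only runs from \WINDOWS\system32 (illustrative subset).
SYSTEM_NAMES = {"winlogon.exe", "svchost.exe", "lsass.exe", "services.exe", "smss.exe"}
ENTRY = re.compile(r"^(R\d|F\d|O\d{1,2}) - (.*)$")
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def triage(line):
    """Return (section, reason) for a line worth reviewing, else None."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, body = m.groups()
    if section == "O4":                      # Run / RunServices autostart values
        target = body.split("] ", 1)[-1].strip('"')
        folder, _, name = target.rpartition("\\")
        if not folder:
            return section, "autorun target has no directory"
        if name.lower() in SYSTEM_NAMES and not folder.lower().endswith("\\system32"):
            return section, "system process name outside System32"
    elif section == "O16":                   # Downloaded Program Files (ActiveX)
        url = body.rsplit(" - ", 1)[-1]
        parts = urlparse(url)
        if parts.scheme not in ("http", "https"):
            return section, "non-HTTP codebase scheme"
        if IPV4.match(parts.hostname or ""):
            return section, "codebase served from a raw IP address"
        if parts.path.lower().endswith(".exe"):
            return section, "codebase is a bare executable"
    elif section == "O20" and body.startswith("AppInit_DLLs:"):
        if body.split(":", 1)[1].strip():    # DLLs listed here load into GUI processes
            return section, "AppInit_DLLs is not empty"
    elif section == "O23" and body.endswith("(file missing)"):
        return section, "HijackThis could not find the service binary"
    return None

# Lines copied from the log on this page; the O20 value is a constructed placeholder.
SAMPLE = r"""
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inetm\winlogon.exe
O4 - HKCU\..\Run: [Microsoft Update] vpc32.exe
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {09B3B999-D2C9-6D30-D7BA-69F309B242A0} - http://69.50.182.94/1/rdgFR896.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\sony\vaio media music server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
O20 - AppInit_DLLs: placeholder-constructed.dll
"""

def report(text=SAMPLE):
    """Return (section, reason, line) for every flagged line in text."""
    pairs = ((triage(line), line) for line in text.splitlines())
    return [hit + (line,) for hit, line in pairs if hit]

if __name__ == "__main__":
    for section, reason, line in report():
        print(f"{section:4} {reason}: {line[:70]}")
```
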