For regis 59
dragee
-
balltrap34 Posts 16241 Status Security contributor -
Sorry for the change of identity, I slipped up!!
Logfile of HijackThis v1.99.1
Scan saved at 11:39:49, on 02/07/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\NaviSearch\bin\nls.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\WINDOWS\System32\flegfe.exe
C:\windows\system32\msdmxm.exe
C:\windows\system32\sp2ctr.exe
C:\windows\system32\evthtm.exe
C:\windows\system32\sysdxvid.exe
C:\windows\system32\dxvid.exe
C:\Program Files\4si5smb3\4si5smb3.exe
C:\windows\system32\coyzejt.exe
C:\KMaestro\Key_f.EXE
C:\WINDOWS\System32\i094vsat.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\twain_32\A4CIS\WATCH.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\Program Files\4si5smb3\72019940.exe
C:\Program Files\4si5smb3\4si5smb3.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\PATRICK\Bureau\hijackthis_199\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cgi?uid=11169707&id=5.20013
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cgi?uid=11169707&id=5.20013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cgi?uid=11169707&id=5.20013
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cgi?uid=11169707&id=5.20013
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.shopnav.com/sidesearch.cgi?uid=11169707&id=5.20013
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.shopnav.com/q.cgi?q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000000-0000-4AFD-9C14-F398DCAF6127} - C:\Program Files\4si5smb3\4si5smb3.dll
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - C:\WINDOWS\mslagent\4b_1,0,1,2_mslagent.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: (no name) - {0FA1E4EE-AA52-4267-B0FB-F24575AF6529} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {1394EAB9-9B0E-4AFA-A79C-A353EB981442} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: RsyncHlpr Class - {16B238D5-80DE-47CE-8F17-B3ECE2C2248D} - C:\WINDOWS\System32\rsyncmon.dll
O2 - BHO: Var1Helper Class - {1C4DA27D-4D52-4465-A089-98E01BB725CA} - C:\WINDOWS\System32\inetdctr.dll (file missing)
O2 - BHO: ohb - {22B720C7-5FA6-40A8-9F8F-8584BF669690} - C:\WINDOWS\System32\trgen.dll
O2 - BHO: ExplorerExtObj Class - {23BC1CCF-4BE7-497F-B154-6ADA68425FBB} - C:\WINDOWS\System32\expext.dll
O2 - BHO: (no name) - {33F6B1F2-B991-4D9A-B3F7-7DC92C4256D2} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {3712119C-C532-4191-A94A-BE6FC30CC5EA} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {403E4A39-6AFF-4964-A251-571F247FE128} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {45092175-4F4E-4D61-8970-AAEFD73500EC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {4A5DBDDE-20A0-46CD-9425-AB751855CA65} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: ohb - {4D568F0F-8AC9-40AB-88B7-415134C78777} - C:\WINDOWS\System32\winb2s32.dll
O2 - BHO: (no name) - {520B308B-899C-4200-AA77-D83CBA262AE9} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {52394CC6-825F-4B91-B142-ADB1B8B6E809} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {56A2EBD1-FCC2-4EEC-9C41-82A5563F1BCC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {697B48B0-E524-470A-9C16-2AD05C1E42CC} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {7313CE0A-6CE2-4FC7-B486-FECBE1D3F938} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {78BA41D4-9C1C-4748-8870-AD5C723C785E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {87DE192A-8255-4913-A0CA-ACAC6698F033} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {983170D0-196E-4DEC-8897-B16FD3657938} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\System32\nse2.dll
O2 - BHO: (no name) - {9B1F1895-EB1B-4EAD-B909-0F15993ACD01} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {A908B64D-6362-47A7-AA00-A259C9594102} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {AB352F4F-C506-48FB-8435-39025D002B50} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {ABCDD0B9-0BAA-4B96-B98D-5B4540D28771} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll
O2 - BHO: (no name) - {B393CD14-D175-44C8-8BFC-739309FCFDD5} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B80AA8C2-4425-4FB1-8273-93A3920C1F70} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {B8929D7F-335C-42A3-93BD-CF6E2740E0B9} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {C11DBFA5-0D5F-42C4-A281-681D4794AF9E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: ohb - {CB5B2BC6-F957-4D8A-BE67-83F3EC58BA01} - C:\WINDOWS\System32\dsktrf.dll
O2 - BHO: CB UrlCatcher Class - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\Program Files\Bargain Buddy\bin2\apuc.dll (file missing)
O2 - BHO: (no name) - {D690A041-BF60-455D-9675-819914BA5646} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {D942DA0C-1063-406D-97DD-36023067CEC8} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {DD442CDB-EC21-4340-8957-03EA07ABF2C1} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {E08D9312-E3EC-45CE-A071-2AB5A3BEC6E4} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: (no name) - {EFD9BBA0-1347-4661-A301-F76773B8D02E} - C:\Program Files\CSBB\CSBB.dll (file missing)
O2 - BHO: RichEditor Class - {F79A2C4B-8776-4ED7-8B2F-4786A4A3500A} - C:\WINDOWS\System32\richedtr.dll
O2 - BHO: (no name) - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - C:\Program Files\Lycos\sst.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Begin2Search.com Bar - {52FE5233-367C-4EFB-BDD7-0BE4D212C107} - C:\WINDOWS\System32\winb2s32.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [KeyMaestro] C:\KMaestro\KMaestro.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [Syscpy] C:\WINDOWS\System32\syscpy.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Explkw] C:\WINDOWS\System32\expup.exe
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [sysme] C:\WINDOWS\System32\sysme.exe
O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [nfnvprmvjmt] C:\WINDOWS\System32\flegfe.exe
O4 - HKLM\..\Run: [Msdmxm] c:\windows\system32\msdmxm.exe /nocomm
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [sysdxvid] c:\windows\system32\sysdxvid.exe /nocomm
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [RSync] C:\WINDOWS\System32\netsync.exe
O4 - HKLM\..\Run: [SAHBundle] C:\DOCUME~1\PATRICK\LOCALS~1\Temp\II22.exe run
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\pxckdla.exe
O4 - HKLM\..\Run: [dxvid] c:\windows\system32\dxvid.exe /nocomm
O4 - HKLM\..\Run: [4si5smb3] C:\Program Files\4si5smb3\4si5smb3.exe
O4 - HKLM\..\Run: [coyzejt] c:\windows\system32\coyzejt.exe -start
O4 - HKLM\..\Run: [i094vsat] C:\WINDOWS\System32\i094vsat.exe
O4 - HKLM\..\Run: [richup] C:\WINDOWS\System32\richup.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1059.dll,InstantAccess
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\Registry Cleaner\RegClean.exe"
O4 - HKCU\..\Run: [Updater] C:\Program Files\Carpe Diem\BlackLuxure\CDUpdater.exe CD_UPDATER
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4CIS\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Locators.com Search Bar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - (no file)
O9 - Extra 'Tools' menuitem: Locators.com Search Bar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120147686575
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9BCABF07-7D9C-4CCB-8873-7729DE970701}: NameServer = 212.27.54.252 213.228.0.168
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
4 replies
uh,
hello
who are you? what was the previous post, please? because I'm lost here!
but anyway, if I have time I'll do this for you early this afternoon, or if balltrap is around and is willing to do me the favour of analysing it, that would be nice
otherwise, see you soon
bye
he's lurking lol
Thanks balltrap, there's quite a lot to remove and I've just woken up, so don't ask too much of me lol
thanks amigo, good luck
see you balltrap ;-)
lol
first, download these programs and use them
even if you already have them, check that you have the latest versions
first of all, download these programs if you don't have them and update them, but before using them
Ad-Aware (1) version 1.06
see demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip
Spybot (2) version 1.4
(here) http://www.florensac-chasse-trap.com/ virus section
and also this
CleanUp40.exe (3)
see demo
http://pageperso.aol.fr/balltrap34/democleanup.htm
a2 (4)
http://www.emsisoft.net/fr/
remember to update it before scanning the PC
after all that, reboot and run HijackThis again