Sujet Précédent Sujet Suivant

Les 3 rapports

Fermé
nicolas94400 Messages postés 7 Date d'inscription dimanche 10 décembre 2006 Statut Membre Dernière intervention 10 décembre 2006 - 10 déc. 2006 à 21:32
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 - 10 déc. 2006 à 23:39
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 09:45:51 10/12/2006

+ Résultat de l'analyse:



C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP207\A0087775.exe -> Adware.Casino : Ignoré.
HKU\S-1-5-21-1159455728-3545418749-284939427-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38} -> Adware.Generic : Ignoré.
C:\Program Files\DivX\Google\Firefox\ffinstaller.exe -> Adware.MediaTicket : Ignoré.
C:\Program Files\NewDotNet -> Adware.NewDotNet : Ignoré.
C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignoré.
C:\Program Files\NewDotNet\readme.html -> Adware.NewDotNet : Ignoré.
C:\Program Files\NewDotNet\uninstall6_38.exe -> Adware.NewDotNet : Ignoré.
C:\Program Files\NewDotNet\uninstall7_22.exe -> Adware.NewDotNet : Ignoré.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP258\A0129871.EXE -> Adware.NewDotNet : Ignoré.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP258\A0130455.dll -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink.1 -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink\CLSID -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink\CurVer -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\New.net Startup -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\New.net -> Adware.NewDotNet : Ignoré.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Ignoré.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Ignoré.
HKU\S-1-5-21-1159455728-3545418749-284939427-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignoré.
HKU\S-1-5-21-1159455728-3545418749-284939427-1009\Software\New.net -> Adware.NewDotNet : Ignoré.
[1072] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignoré.
[1144] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[1196] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignoré.
[1264] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[1976] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignoré.
[2128] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[2788] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[2856] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[2884] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignoré.
[3188] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignoré.
[3536] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[3624] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[3840] C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL -> Adware.NewDotNet : Ignoré.
[968] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignoré.
C:\Program Files\WhenUSearch -> Adware.SaveNow : Ignoré.
C:\Program Files\WhenUSearch\search.dll -> Adware.SaveNow : Ignoré.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP237\A0123228.exe -> Adware.SaveNow : Ignoré.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP237\A0123229.exe -> Adware.SaveNow : Ignoré.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP237\A0123230.exe -> Adware.SaveNow : Ignoré.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP258\A0129873.exe -> Adware.SaveNow : Ignoré.
HKLM\SOFTWARE\Classes\WUSE.1 -> Adware.SaveNow : Ignoré.
HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Ignoré.
HKU\S-1-5-21-1159455728-3545418749-284939427-1009\Software\EGDHTML -> Dialer.Generic : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@2o7[2].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@banner.clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@estat[1].txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@overture[1].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\NICOLAS\Cookies\nicolas@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@statcounter[2].txt -> TrackingCookie.Statcounter : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.
C:\Documents and Settings\NICOLAS\Local Settings\Temp\Cookies\nicolas@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.
C:\WINDOWS\system32\Dawn.scr -> Trojan.NSAnti.A : Ignoré.


Fin du rapport


rapport bitdefender online scanner


BitDefender Online Scanner



Scan report generated at: Sun, Dec 10, 2006 - 15:08:26





Scan path: C:\;D:\;E:\;F:\;G:\;H:\;I:\;







Statistics

Time
01:26:33

Files
501757

Folders
7520

Boot Sectors
3

Archives
19214

Packed Files
60130




Results

Identified Viruses
3

Infected Files
4

Suspect Files
1

Warnings
0

Disinfected
0

Deleted Files
6




Engines Info

Virus Definitions
328356

Engine build
AVCORE v1.0 (build 2368) (i386) (Nov 16 2006 11:31:19)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes


rapport hijackthis

Scanned File
Status

C:\Documents and Settings\NICOLAS\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jIRC_NSSigned.zip-4427d26b-50ff46e0.zip=>UserInfoDialog.class
Infected with: Java.Trojan.Jvantiur.A

C:\Documents and Settings\NICOLAS\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jIRC_NSSigned.zip-4427d26b-50ff46e0.zip=>UserInfoDialog.class
Disinfection failed

C:\Documents and Settings\NICOLAS\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jIRC_NSSigned.zip-4427d26b-50ff46e0.zip=>UserInfoDialog.class
Deleted

C:\Documents and Settings\NICOLAS\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jIRC_NSSigned.zip-4427d26b-50ff46e0.zip
Updated

C:\Program Files\eMule\Incoming\Prehistorik 2.zip=>BOULA.TRK
Infected with: Trivial.101.C

C:\Program Files\eMule\Incoming\Prehistorik 2.zip=>BOULA.TRK
Disinfection failed

C:\Program Files\eMule\Incoming\Prehistorik 2.zip=>BOULA.TRK
Deleted

C:\Program Files\eMule\Incoming\Prehistorik 2.zip
Updated

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP293\A0147771.exe=>(Quarantine-2)
Infected with: DeepScan:Generic.Malware.SN!!.948370C5

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP293\A0147771.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP293\A0147771.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP293\A0147772.exe=>(Quarantine-2)
Infected with: DeepScan:Generic.Malware.SN!!.948370C5

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP293\A0147772.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP293\A0147772.exe=>(Quarantine-2)
Deleted

C:\WINDOWS\system32\icpldrvx.exe
Suspected of: BehavesLike:Win32.SMTP-Mailer

C:\WINDOWS\system32\icpldrvx.exe
Disinfection failed

C:\WINDOWS\system32\icpldrvx.exe
Delete failed

Logfile of HijackThis v1.99.1
Scan saved at 16:59:03, on 10/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\icpldrvx.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\implus\implus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\NICOLAS\LOCALS~1\Temp\Rar$EX00.782\HijackThis.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [hsgjyn] c:\windows\system32\hsgjyn.exe hsgjyn
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Inside Readme Flaw Dent] C:\Documents and Settings\All Users\Application Data\bore save inside readme\bolt build.exe
O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\system32\icpldrvx.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SphereXP] C:\Program Files\SphereXP\SphereXP.exe
O4 - HKCU\..\Run: [unilex03] C:\PROGRA~1\MICROA~1\LAGRAN~1\tft.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1052.dll,InstantAccess
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [the bleh] C:\DOCUME~1\NICOLAS\APPLIC~1\PROCCL~1\pileslow.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [implus] C:\Program Files\implus\implus.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?344a1822a1dc478ab9fd6ab726174b98
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?344a1822a1dc478ab9fd6ab726174b98
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://m6video.m6.fr/1click/install/files/installer2.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/zuma/oberongamesloader.cab
O16 - DPF: {E49A9FCB-FAA9-4C1F-A1C1-54920DA2CCA4} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1052_FR_XP.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

2 réponses

Réponse 1 / 2
xemor Messages postés 140 Date d'inscription vendredi 8 décembre 2006 Statut Membre Dernière intervention 29 juillet 2008 2
10 déc. 2006 à 23:00
Bonjour,

Tu as des choses à supprimer :

1/ Relance hijack et fixe les lignes suivantes (uniquement celles là) :

O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\system32\icpldrvx.exe

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

2/ Charge lspfix à l'adresse suivante

http://cexx.org/lspfix.htm

Lance le puis selectionne le fichier où apparait new net et supprime le

3/ Reposte un log hijackthis
0
Réponse 2 / 2
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
10 déc. 2006 à 23:39
**DOUBLONS**

rapport hijackthis#2006 12 10%2023%3A37%3A47

0

Discussions similaires

Que signifie cet emoji :3
Moi -
AssassinTourist -

2 réponses
Voxbone ? qui est-ce ?
fanfan54 -
djakool4 -

158 réponses
Signification de " :3 "
blanchecanelle -
Pistounette -

5 réponses
signification "<3" dans un sms
lecogno -
Utilisateur anonyme -

3 réponses
3 bip long 2 bip courts
bgielel -
Bgiebgielel -

14 réponses