Win32
Alaptite
Messages postés
5
Statut
Membre
-
^^Marie^^ Messages postés 41884 Date d'inscription Statut Membre Dernière intervention -
^^Marie^^ Messages postés 41884 Date d'inscription Statut Membre Dernière intervention -
Bonsoir, j'ai été infecté par un virus apparemmnet bien connu qu'est le win 32, j'en ai détecté deux:
win 32 start page 444
win 32 SdBot gen 44
Voici mon rapport de hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 23:32:04, on 17/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\gvcjdtcg.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Slave.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\NSecurity.exe
C:\WINDOWS\System32\svch.exe
C:\lsass.exe
C:\WINDOWS\System32\mdm.exe
C:\WINDOWS\System32\kaspscays.exe
C:\WINDOWS\System32\arjyzx.exe
C:\WINDOWS\System32\alg32.exe
C:\WINDOWS\msdevmgr32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotinfolink.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://autoconfig.cpqcorp.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O2 - BHO: (no name) - {7DA81FA0-733A-4120-B38A-3B8AF8A2C6AC} - C:\WINDOWS\Fonts\cmrsv.dll (file missing)
O2 - BHO: (no name) - {8E6C490C-AAA7-4410-A1C7-FA769A4F305E} - C:\WINDOWS\System32\pmnnopp.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IE Assistant - {B08D32DE-64B2-4137-8345-87293E70D40B} - C:\WINDOWS\System32\iea.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\xlvaxceh.dll",setvm
O4 - HKLM\..\Run: [Offices Monitorse] C:\WINDOWS\System32\algose32.exe
O4 - HKLM\..\Run: [msennger] c:\windows\system32\mui\040e\winfix.com
O4 - HKLM\..\Run: [Office Monitors] C:\WINDOWS\System32\GoogleUpdater.exe
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [] zzcatQQ.exe
O4 - HKLM\..\Run: [Network Security] C:\WINDOWS\System32\NSecurity.exe
O4 - HKLM\..\Run: [Windows Security Center Notification Appls] C:\WINDOWS\System32\sxe.exe
O4 - HKLM\..\Run: [WinDLL (squardian89.exe)] rundll32.exe C:\WINDOWS\System32\squardian89.exe,start
O4 - HKLM\..\Run: [Office Monitor Word Exel R] C:\WINDOWS\System32\svch.exe
O4 - HKLM\..\Run: [Windll] C:\WINDOWS\windll.exe
O4 - HKLM\..\Run: [WinDLL (sslms.exe)] rundll32.exe C:\WINDOWS\System32\sslms.exe,start
O4 - HKLM\..\Run: [WinDLL (slmss.exe)] rundll32.exe C:\WINDOWS\System32\slmss.exe,start
O4 - HKLM\..\Run: [NvCp1Do] C:\lsass.exe
O4 - HKLM\..\Run: [Virscanner] c:\windows\smss.exe
O4 - HKLM\..\Run: [AntiVir] c:\Program Files\smss.exe
O4 - HKLM\..\Run: [Msnmsgr.exe] c:\lsass.exe
O4 - HKLM\..\Run: [ICQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKLM\..\Run: [Office SQL Monitor] C:\WINDOWS\System32\mdm.exe
O4 - HKLM\..\Run: [Windows Secure Update ] arjyzx.exe
O4 - HKLM\..\Run: [Network Socialiy] C:\WINDOWS\System32\kaspscays.exe
O4 - HKLM\..\Run: [Office Monitor] C:\WINDOWS\System32\alg32.exe
O4 - HKLM\..\Run: [Microsoft Device Manager] C:\WINDOWS\msdevmgr32.exe
O4 - HKLM\..\Run: [Winsock2 driver] FUK.EXE
O4 - HKLM\..\Run: [Office Monitor Secure Systema] C:\WINDOWS\System32\absecure32.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Update] Printer
O4 - HKLM\..\RunServices: [] zzcatQQ.exe
O4 - HKLM\..\RunServices: [NvCp1Do] C:\lsass.exe
O4 - HKLM\..\RunServices: [Virscanner] c:\windows\smss.exe
O4 - HKLM\..\RunServices: [AntiVir] c:\Program Files\smss.exe
O4 - HKLM\..\RunServices: [Msnmsgr.exe] c:\lsass.exe
O4 - HKLM\..\RunServices: [Windows Secure Update ] arjyzx.exe
O4 - HKLM\..\RunServices: [Windows Update] Printer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Offices Monitorse] C:\WINDOWS\System32\algose32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Office Monitors] C:\WINDOWS\System32\GoogleUpdater.exe
O4 - HKCU\..\Run: [ActiveSync] C:\WINDOWS\System32\wcescom32.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Winamp Media] C:\WINDOWS\System32\qmedia.exe
O4 - HKCU\..\Run: [Network Security] C:\WINDOWS\System32\NSecurity.exe
O4 - HKCU\..\Run: [Windows Security Center Notification Appls] C:\WINDOWS\System32\sxe.exe
O4 - HKCU\..\Run: [Office Monitor Word Exel R] C:\WINDOWS\System32\svch.exe
O4 - HKCU\..\Run: [NvCp1Do] C:\lsass.exe
O4 - HKCU\..\Run: [Virscanner] c:\windows\smss.exe
O4 - HKCU\..\Run: [AntiVir] c:\Program Files\smss.exe
O4 - HKCU\..\Run: [Msnmsgr.exe] c:\lsass.exe
O4 - HKCU\..\Run: [ICQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKCU\..\Run: [Office SQL Monitor] C:\WINDOWS\System32\mdm.exe
O4 - HKCU\..\Run: [Windows Secure Update ] arjyzx.exe
O4 - HKCU\..\Run: [Network Socialiy] C:\WINDOWS\System32\kaspscays.exe
O4 - HKCU\..\Run: [Office Monitor] C:\WINDOWS\System32\alg32.exe
O4 - HKCU\..\Run: [Office Monitor Secure Systema] C:\WINDOWS\System32\absecure32.exe
O4 - HKCU\..\Run: [Windows Update] Printer
O4 - HKCU\..\RunServices: [Windows Update] Printer
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by109fd.bay109.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://real.gamehouse.com/games/luxoramun/mjolauncher.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.gamenext.fr/online2/gold_fever/goldfever.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://webgames.d.tmsrv.com/c=511b839e1a06a244988100f102315025/aff=t_25oa_frca_wg/p/release/playfirst/wg_dinerdash/dinerdash/DinerDash.1.0.0.58.cab
O20 - Winlogon Notify: cmrsv - C:\WINDOWS\Fonts\cmrsv.dll (file missing)
O20 - Winlogon Notify: pmnnopp - pmnnopp.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: DomainService - - C:\WINDOWS\System32\gvcjdtcg.exe
O23 - Service: EnGenius Network Analysis Tool - Unknown owner - C:\WINDOWS\System32\dllcache\winegne.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\qxchost.exe (file missing)
O23 - Service: Microsoft VPS Service - Unknown owner - C:\WINDOWS\System32\dllcache\msvps.exe (file missing)
O23 - Service: RA Server (Slave) - TWD Industries SAS - C:\WINDOWS\Slave.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
Quelqu'un peut-il m'aider?
Merci d'avance...
win 32 start page 444
win 32 SdBot gen 44
Voici mon rapport de hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 23:32:04, on 17/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\gvcjdtcg.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Slave.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\NSecurity.exe
C:\WINDOWS\System32\svch.exe
C:\lsass.exe
C:\WINDOWS\System32\mdm.exe
C:\WINDOWS\System32\kaspscays.exe
C:\WINDOWS\System32\arjyzx.exe
C:\WINDOWS\System32\alg32.exe
C:\WINDOWS\msdevmgr32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotinfolink.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://autoconfig.cpqcorp.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O2 - BHO: (no name) - {7DA81FA0-733A-4120-B38A-3B8AF8A2C6AC} - C:\WINDOWS\Fonts\cmrsv.dll (file missing)
O2 - BHO: (no name) - {8E6C490C-AAA7-4410-A1C7-FA769A4F305E} - C:\WINDOWS\System32\pmnnopp.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IE Assistant - {B08D32DE-64B2-4137-8345-87293E70D40B} - C:\WINDOWS\System32\iea.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\xlvaxceh.dll",setvm
O4 - HKLM\..\Run: [Offices Monitorse] C:\WINDOWS\System32\algose32.exe
O4 - HKLM\..\Run: [msennger] c:\windows\system32\mui\040e\winfix.com
O4 - HKLM\..\Run: [Office Monitors] C:\WINDOWS\System32\GoogleUpdater.exe
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [] zzcatQQ.exe
O4 - HKLM\..\Run: [Network Security] C:\WINDOWS\System32\NSecurity.exe
O4 - HKLM\..\Run: [Windows Security Center Notification Appls] C:\WINDOWS\System32\sxe.exe
O4 - HKLM\..\Run: [WinDLL (squardian89.exe)] rundll32.exe C:\WINDOWS\System32\squardian89.exe,start
O4 - HKLM\..\Run: [Office Monitor Word Exel R] C:\WINDOWS\System32\svch.exe
O4 - HKLM\..\Run: [Windll] C:\WINDOWS\windll.exe
O4 - HKLM\..\Run: [WinDLL (sslms.exe)] rundll32.exe C:\WINDOWS\System32\sslms.exe,start
O4 - HKLM\..\Run: [WinDLL (slmss.exe)] rundll32.exe C:\WINDOWS\System32\slmss.exe,start
O4 - HKLM\..\Run: [NvCp1Do] C:\lsass.exe
O4 - HKLM\..\Run: [Virscanner] c:\windows\smss.exe
O4 - HKLM\..\Run: [AntiVir] c:\Program Files\smss.exe
O4 - HKLM\..\Run: [Msnmsgr.exe] c:\lsass.exe
O4 - HKLM\..\Run: [ICQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKLM\..\Run: [Office SQL Monitor] C:\WINDOWS\System32\mdm.exe
O4 - HKLM\..\Run: [Windows Secure Update ] arjyzx.exe
O4 - HKLM\..\Run: [Network Socialiy] C:\WINDOWS\System32\kaspscays.exe
O4 - HKLM\..\Run: [Office Monitor] C:\WINDOWS\System32\alg32.exe
O4 - HKLM\..\Run: [Microsoft Device Manager] C:\WINDOWS\msdevmgr32.exe
O4 - HKLM\..\Run: [Winsock2 driver] FUK.EXE
O4 - HKLM\..\Run: [Office Monitor Secure Systema] C:\WINDOWS\System32\absecure32.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Update] Printer
O4 - HKLM\..\RunServices: [] zzcatQQ.exe
O4 - HKLM\..\RunServices: [NvCp1Do] C:\lsass.exe
O4 - HKLM\..\RunServices: [Virscanner] c:\windows\smss.exe
O4 - HKLM\..\RunServices: [AntiVir] c:\Program Files\smss.exe
O4 - HKLM\..\RunServices: [Msnmsgr.exe] c:\lsass.exe
O4 - HKLM\..\RunServices: [Windows Secure Update ] arjyzx.exe
O4 - HKLM\..\RunServices: [Windows Update] Printer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Offices Monitorse] C:\WINDOWS\System32\algose32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Office Monitors] C:\WINDOWS\System32\GoogleUpdater.exe
O4 - HKCU\..\Run: [ActiveSync] C:\WINDOWS\System32\wcescom32.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Winamp Media] C:\WINDOWS\System32\qmedia.exe
O4 - HKCU\..\Run: [Network Security] C:\WINDOWS\System32\NSecurity.exe
O4 - HKCU\..\Run: [Windows Security Center Notification Appls] C:\WINDOWS\System32\sxe.exe
O4 - HKCU\..\Run: [Office Monitor Word Exel R] C:\WINDOWS\System32\svch.exe
O4 - HKCU\..\Run: [NvCp1Do] C:\lsass.exe
O4 - HKCU\..\Run: [Virscanner] c:\windows\smss.exe
O4 - HKCU\..\Run: [AntiVir] c:\Program Files\smss.exe
O4 - HKCU\..\Run: [Msnmsgr.exe] c:\lsass.exe
O4 - HKCU\..\Run: [ICQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKCU\..\Run: [Office SQL Monitor] C:\WINDOWS\System32\mdm.exe
O4 - HKCU\..\Run: [Windows Secure Update ] arjyzx.exe
O4 - HKCU\..\Run: [Network Socialiy] C:\WINDOWS\System32\kaspscays.exe
O4 - HKCU\..\Run: [Office Monitor] C:\WINDOWS\System32\alg32.exe
O4 - HKCU\..\Run: [Office Monitor Secure Systema] C:\WINDOWS\System32\absecure32.exe
O4 - HKCU\..\Run: [Windows Update] Printer
O4 - HKCU\..\RunServices: [Windows Update] Printer
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by109fd.bay109.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://real.gamehouse.com/games/luxoramun/mjolauncher.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.gamenext.fr/online2/gold_fever/goldfever.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://webgames.d.tmsrv.com/c=511b839e1a06a244988100f102315025/aff=t_25oa_frca_wg/p/release/playfirst/wg_dinerdash/dinerdash/DinerDash.1.0.0.58.cab
O20 - Winlogon Notify: cmrsv - C:\WINDOWS\Fonts\cmrsv.dll (file missing)
O20 - Winlogon Notify: pmnnopp - pmnnopp.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: DomainService - - C:\WINDOWS\System32\gvcjdtcg.exe
O23 - Service: EnGenius Network Analysis Tool - Unknown owner - C:\WINDOWS\System32\dllcache\winegne.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\qxchost.exe (file missing)
O23 - Service: Microsoft VPS Service - Unknown owner - C:\WINDOWS\System32\dllcache\msvps.exe (file missing)
O23 - Service: RA Server (Slave) - TWD Industries SAS - C:\WINDOWS\Slave.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
Quelqu'un peut-il m'aider?
Merci d'avance...
Configuration: Windows XP Firefox 2.0.0.6
2 réponses
-
bonsoir,
svp fais tes mise à jour !!! tu es encore en SP1
regarde dans la liste je vois même des véroles du genre zzcatQQ.exe
Méthode préliminaire de désinfection - Version Fr
bonne nuit
-
moi je vais encore moi te rassurer mais la c'est un nid a virus
meme avast ne peut rien le mieux serait de reformater ton dd c'est la meilleur solution
-
-
- Bonjour
Regarde ici pour le SP2
https://support.microsoft.com/fr-fr/allproducts
Il est plus sécurisé
Je repasse pour ton log
A+
EDIT tu avais Norton avant ???
Dans ajout/supp des programmes, supprime tout de suite MyWebSearch
Fait aussi démarrer/rechercher tu supprimes tout ce que tu trouves concernant cette merdouille
Tu as chopé pleins de véroles avec ça
-