Win32
Alaptite
Good evening, I have been infected by an apparently well-known virus, win 32; I detected two of them:
win 32 start page 444
win 32 SdBot gen 44
Here is my HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 23:32:04, on 17/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\gvcjdtcg.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Slave.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\NSecurity.exe
C:\WINDOWS\System32\svch.exe
C:\lsass.exe
C:\WINDOWS\System32\mdm.exe
C:\WINDOWS\System32\kaspscays.exe
C:\WINDOWS\System32\arjyzx.exe
C:\WINDOWS\System32\alg32.exe
C:\WINDOWS\msdevmgr32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotinfolink.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://autoconfig.cpqcorp.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O2 - BHO: (no name) - {7DA81FA0-733A-4120-B38A-3B8AF8A2C6AC} - C:\WINDOWS\Fonts\cmrsv.dll (file missing)
O2 - BHO: (no name) - {8E6C490C-AAA7-4410-A1C7-FA769A4F305E} - C:\WINDOWS\System32\pmnnopp.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IE Assistant - {B08D32DE-64B2-4137-8345-87293E70D40B} - C:\WINDOWS\System32\iea.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: &VSAdd-in - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in.dll (file missing)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\xlvaxceh.dll",setvm
O4 - HKLM\..\Run: [Offices Monitorse] C:\WINDOWS\System32\algose32.exe
O4 - HKLM\..\Run: [msennger] c:\windows\system32\mui\040e\winfix.com
O4 - HKLM\..\Run: [Office Monitors] C:\WINDOWS\System32\GoogleUpdater.exe
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [] zzcatQQ.exe
O4 - HKLM\..\Run: [Network Security] C:\WINDOWS\System32\NSecurity.exe
O4 - HKLM\..\Run: [Windows Security Center Notification Appls] C:\WINDOWS\System32\sxe.exe
O4 - HKLM\..\Run: [WinDLL (squardian89.exe)] rundll32.exe C:\WINDOWS\System32\squardian89.exe,start
O4 - HKLM\..\Run: [Office Monitor Word Exel R] C:\WINDOWS\System32\svch.exe
O4 - HKLM\..\Run: [Windll] C:\WINDOWS\windll.exe
O4 - HKLM\..\Run: [WinDLL (sslms.exe)] rundll32.exe C:\WINDOWS\System32\sslms.exe,start
O4 - HKLM\..\Run: [WinDLL (slmss.exe)] rundll32.exe C:\WINDOWS\System32\slmss.exe,start
O4 - HKLM\..\Run: [NvCp1Do] C:\lsass.exe
O4 - HKLM\..\Run: [Virscanner] c:\windows\smss.exe
O4 - HKLM\..\Run: [AntiVir] c:\Program Files\smss.exe
O4 - HKLM\..\Run: [Msnmsgr.exe] c:\lsass.exe
O4 - HKLM\..\Run: [ICQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKLM\..\Run: [Office SQL Monitor] C:\WINDOWS\System32\mdm.exe
O4 - HKLM\..\Run: [Windows Secure Update ] arjyzx.exe
O4 - HKLM\..\Run: [Network Socialiy] C:\WINDOWS\System32\kaspscays.exe
O4 - HKLM\..\Run: [Office Monitor] C:\WINDOWS\System32\alg32.exe
O4 - HKLM\..\Run: [Microsoft Device Manager] C:\WINDOWS\msdevmgr32.exe
O4 - HKLM\..\Run: [Winsock2 driver] FUK.EXE
O4 - HKLM\..\Run: [Office Monitor Secure Systema] C:\WINDOWS\System32\absecure32.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Update] Printer
O4 - HKLM\..\RunServices: [] zzcatQQ.exe
O4 - HKLM\..\RunServices: [NvCp1Do] C:\lsass.exe
O4 - HKLM\..\RunServices: [Virscanner] c:\windows\smss.exe
O4 - HKLM\..\RunServices: [AntiVir] c:\Program Files\smss.exe
O4 - HKLM\..\RunServices: [Msnmsgr.exe] c:\lsass.exe
O4 - HKLM\..\RunServices: [Windows Secure Update ] arjyzx.exe
O4 - HKLM\..\RunServices: [Windows Update] Printer
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Offices Monitorse] C:\WINDOWS\System32\algose32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Office Monitors] C:\WINDOWS\System32\GoogleUpdater.exe
O4 - HKCU\..\Run: [ActiveSync] C:\WINDOWS\System32\wcescom32.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Winamp Media] C:\WINDOWS\System32\qmedia.exe
O4 - HKCU\..\Run: [Network Security] C:\WINDOWS\System32\NSecurity.exe
O4 - HKCU\..\Run: [Windows Security Center Notification Appls] C:\WINDOWS\System32\sxe.exe
O4 - HKCU\..\Run: [Office Monitor Word Exel R] C:\WINDOWS\System32\svch.exe
O4 - HKCU\..\Run: [NvCp1Do] C:\lsass.exe
O4 - HKCU\..\Run: [Virscanner] c:\windows\smss.exe
O4 - HKCU\..\Run: [AntiVir] c:\Program Files\smss.exe
O4 - HKCU\..\Run: [Msnmsgr.exe] c:\lsass.exe
O4 - HKCU\..\Run: [ICQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKCU\..\Run: [Office SQL Monitor] C:\WINDOWS\System32\mdm.exe
O4 - HKCU\..\Run: [Windows Secure Update ] arjyzx.exe
O4 - HKCU\..\Run: [Network Socialiy] C:\WINDOWS\System32\kaspscays.exe
O4 - HKCU\..\Run: [Office Monitor] C:\WINDOWS\System32\alg32.exe
O4 - HKCU\..\Run: [Office Monitor Secure Systema] C:\WINDOWS\System32\absecure32.exe
O4 - HKCU\..\Run: [Windows Update] Printer
O4 - HKCU\..\RunServices: [Windows Update] Printer
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by109fd.bay109.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://real.gamehouse.com/games/luxoramun/mjolauncher.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://www.gamenext.fr/online2/gold_fever/goldfever.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://webgames.d.tmsrv.com/c=511b839e1a06a244988100f102315025/aff=t_25oa_frca_wg/p/release/playfirst/wg_dinerdash/dinerdash/DinerDash.1.0.0.58.cab
O20 - Winlogon Notify: cmrsv - C:\WINDOWS\Fonts\cmrsv.dll (file missing)
O20 - Winlogon Notify: pmnnopp - pmnnopp.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: DomainService - - C:\WINDOWS\System32\gvcjdtcg.exe
O23 - Service: EnGenius Network Analysis Tool - Unknown owner - C:\WINDOWS\System32\dllcache\winegne.exe (file missing)
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - rundll32.exe (file missing)
O23 - Service: Microsoft Agent - Unknown owner - C:\WINDOWS\System32\dllcache\qxchost.exe (file missing)
O23 - Service: Microsoft VPS Service - Unknown owner - C:\WINDOWS\System32\dllcache\msvps.exe (file missing)
O23 - Service: RA Server (Slave) - TWD Industries SAS - C:\WINDOWS\Slave.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
Can someone help me?
Thanks in advance...
2 replies
Good evening,
please do your updates!!! You are still on SP1
look in the list, I even see nasties like zzcatQQ.exe
Preliminary disinfection method - French version
good night
Alaptite
Thanks for your reply, but what does SP1 mean?
I'm going to reassure you even less, but this is a nest of viruses
even avast can't do anything; the best thing would be to reformat your hard drive, that's the best solution
Hello
Look here for SP2
https://support.microsoft.com/fr-fr/allproducts
It is more secure
I'll come back for your log
See you
EDIT: did you have Norton before???
In Add/Remove Programs, remove MyWebSearch right away
Also go to Start/Search and delete everything you find related to this junk
You picked up lots of nasties with it
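Added example, not part of the thread: a small Python triage of the O4 (autostart) lines of a HijackThis log, run over a few lines copied from the log posted above. The function names (`review_hints`, `triage`) and the three heuristics are assumptions of this example; a hint marks an entry for manual review, and an entry with no hint is not thereby clean.

```python
import ntpath
import re

# A handful of O4 (autostart) lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [] zzcatQQ.exe
O4 - HKLM\..\Run: [WinDLL (sslms.exe)] rundll32.exe C:\WINDOWS\System32\sslms.exe,start
O4 - HKLM\..\Run: [NvCp1Do] C:\lsass.exe
O4 - HKLM\..\Run: [Virscanner] c:\windows\smss.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\MWSBAR.DLL,S
"""

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.*?)\] (.+)$")
# rundll32 followed by the module it is asked to load
RUNDLL_RE = re.compile(r'^"?rundll32(?:\.exe)?"?\s+"?([^",]+)', re.I)
# first executable-looking path in a command line (may contain spaces)
IMAGE_RE = re.compile(r'^"?(.+?\.(?:exe|com|bat|scr|pif))\b', re.I)

# Windows components whose genuine copies live in %SystemRoot%\System32
SYSTEM_NAMES = {"lsass.exe", "smss.exe", "csrss.exe",
                "winlogon.exe", "services.exe", "svchost.exe"}


def review_hints(line):
    """Parse one O4 line; return its fields plus a list of review hints."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    hive, key, name, command = m.groups()
    hints = []
    if not name.strip():
        hints.append("empty value name")
    rd = RUNDLL_RE.match(command)
    if rd:
        image = rd.group(1).strip()
        if not image.lower().endswith((".dll", ".ocx", ".cpl")):
            hints.append("rundll32 target is not a DLL")
    else:
        im = IMAGE_RE.match(command)
        image = im.group(1) if im else command
    base = ntpath.basename(image).lower()
    folder = ntpath.dirname(image).lower()
    if not folder:
        hints.append("no directory given")
    elif base in SYSTEM_NAMES and not folder.endswith(r"\system32"):
        hints.append("system process name outside System32")
    return {"hive": hive, "key": key, "name": name,
            "image": image, "hints": hints}


def triage(log_text):
    """Return only the O4 entries that carry at least one review hint."""
    entries = (review_hints(line) for line in log_text.splitlines())
    return [e for e in entries if e and e["hints"]]


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print(f'{entry["hive"]} {entry["key"]} [{entry["name"]}] '
              f'{entry["image"]} -> {", ".join(entry["hints"])}')
```

The MyWebSearch line passes all three checks even though the last reply asks for that program to be removed, which is why the output is a review list rather than a verdict.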