Mon pc va de plus en plus mal..
meli2007
-
clownface Messages postés 1490 Statut Membre -
clownface Messages postés 1490 Statut Membre -
Bonjour,
Je sollicite ENCORE une fois votre aide car je suis désesperée vraiment!!! lol
Mon pc va de plus en plus mal... la souris est tres lente, IE ferme sans raison... et bien plus...
Jai AVg free édition qui détecte un trojan, mais impossible de le supprimer.. et jai spyware doctor qui me trouve 40 infections mais je ne peux pas les supprimer car jai la version gratuite... Je ne peux télécharger beaucoup de chose car jai windows 98se...
je vous donne le rapport hijackthis et celui de spyware doctor...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:21:37, on 07-11-03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTO EXPLORER 8.0 SE BASIC\MONITOR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\FR-CA\MSNAPPAU.EXE
C:\PROGRAM FILES\LEXMARK X1100 SERIES\LXBKBMGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\LEXMARK X1100 SERIES\LXBKBMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\USBSTORAGE\USBDETECTOR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://outlook.live.com/owa/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.hotmail.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = www.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = www.hotmail.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = mel
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR-CA\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\TOOLS\IESDSG.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR-CA\MSNTB.DLL
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YCOMP5_5_7_1.DLL (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\fr-ca\msnappau.exe"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Arovax AntiSpyware] C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe /s
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Arovax AntiSpyware] C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe /s (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SpybotSD TeaTimer] C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q (User 'Default user')
O4 - .DEFAULT Startup: Image Transfer.lnk.disabled (User 'Default user')
O4 - .DEFAULT Startup: ADILOOK Français sur disque C.LNK.disabled (User 'Default user')
O4 - Startup: Image Transfer.lnk.disabled
O4 - Startup: ADILOOK Français sur disque C.LNK.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\TOOLS\IESDPB.DLL
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://www.habitec2000.com
O15 - Trusted Zone: www.tfou.com
O15 - Trusted Zone: www.lespac.com
O15 - Trusted Zone: www.libertin.ca
O15 - Trusted Zone: www.petitmonde.com
O15 - Trusted Zone: www.hotmail.com
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {DC765522-D5BE-49C9-AF5F-8C715A44BA28} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v9/ticker.cab
O16 - DPF: {D32E12A5-F4E1-4F99-8C80-4A0C494430A5} (MsgAlertButton Class) - http://www.meetstream.com/activex/messagealert2/NewMsgButton.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
End of file - 7778 bytes
ET CELUI LA AUSSI
Spyware Doctor Activity Report
Generated on 07-11-02 22:08:24 Spyware Doctor Homepage PC Tools Homepage Technical Support
Scans (basic information only):
Scan Results:
scan start: 07-11-02 22:10:49
scan stop: 07-11-02 23:43:49
scanned items: 94036
found items: 44
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner
Infection Name Location Risk
Elitemedia Pop64 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net High
Elitemedia Pop64 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net## High
Elitemedia Pop64 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net##* High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll## High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll##.Owner High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll##{01347765-1965-426B-91A4-AA6BB342B9A3} High
Slagent HKCU\Software\mc Elevated
Slagent HKCU\Software\mc## Elevated
Slagent HKCU\Software\mc##remove Elevated
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie## High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache## High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##0 High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##1 High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##2 High
VX2.Look2Me C:\WINDOWS\Temporary Internet Files\Content.IE5\8H6JG5MZ\88_31banner[1].jpg High
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@xiti[7].txt Medium
Advertising C:\WINDOWS\Cookies\melissa@infospace[1].txt Low
Advertising C:\WINDOWS\Cookies\vectra@kount[1].txt (Remnant) Low
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@servlet[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\vectra@xiti[2].txt (Remnant) Medium
Advertising C:\WINDOWS\Cookies\vectra@70062990[1].txt (Remnant) Low
Tracking Cookie(s) C:\WINDOWS\Cookies\vectra@atwola[1].txt (Remnant) Medium
Rogue Anti-Spyware Products C:\WINDOWS\Cookies\vectra@regman.freeze[1].txt (Remnant) High
Known Bad Sites C:\WINDOWS\Cookies\melissa@tracker.affistats[1].txt (Remnant) High
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@vip.clickzs[1].txt (Remnant) Medium
Common Components for Claria C:\WINDOWS\Cookies\melissa@belnk[1].txt (Remnant) Elevated
Lop.com C:\WINDOWS\Cookies\melissa@gestion[1].txt (Remnant) High
Common Components for Claria C:\WINDOWS\Cookies\melissa@dist.belnk[2].txt (Remnant) Elevated
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@ringo[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@123count[2].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@ad.cibleclick[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@click-fr[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@m.webtrends[2].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@monstermarketplace[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@www.monstermarketplace[2].txt (Remnant) Medium
Advertising C:\WINDOWS\Cookies\melissa@cgi-bin[1].txt (Remnant) Low
Grokster C:\WINDOWS\smdat32m.sys Medium
Instant Access C:\WINDOWS\SYSTEM\msclock32.dll High
Marketscore Netsetter C:\WINDOWS\SYSTEM\rk.bin Medium
Marketscore Netsetter C:\WINDOWS\SYSTEM\rk.exe Medium
NetObserve C:\WINDOWS\unvise32.exe High
Other Sections:
Copyright ? 2003-2005. Distributed by PC Tools. Legal Notice
sigs
Click to go back
SVP AIDEZ MOI!!!!!!!!!!!!!!!!!!!!!
Configuration: Windows 98
Internet Explorer 6.0
Je sollicite ENCORE une fois votre aide car je suis désesperée vraiment!!! lol
Mon pc va de plus en plus mal... la souris est tres lente, IE ferme sans raison... et bien plus...
Jai AVg free édition qui détecte un trojan, mais impossible de le supprimer.. et jai spyware doctor qui me trouve 40 infections mais je ne peux pas les supprimer car jai la version gratuite... Je ne peux télécharger beaucoup de chose car jai windows 98se...
je vous donne le rapport hijackthis et celui de spyware doctor...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:21:37, on 07-11-03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ULEAD SYSTEMS\ULEAD PHOTO EXPLORER 8.0 SE BASIC\MONITOR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.03.0000.1005\FR-CA\MSNAPPAU.EXE
C:\PROGRAM FILES\LEXMARK X1100 SERIES\LXBKBMGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\LEXMARK X1100 SERIES\LXBKBMON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\USBSTORAGE\USBDETECTOR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://outlook.live.com/owa/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.hotmail.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = www.google.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = www.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = www.hotmail.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = mel
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR-CA\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.03.0000.1005\EN-XU\STMAIN.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~2\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~2\TOOLS\IESDSG.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.5000.1021\FR-CA\MSNTB.DLL
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YCOMP5_5_7_1.DLL (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.03.0000.1005\fr-ca\msnappau.exe"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Arovax AntiSpyware] C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe /s
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Arovax AntiSpyware] C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe /s (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [SpybotSD TeaTimer] C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q (User 'Default user')
O4 - .DEFAULT Startup: Image Transfer.lnk.disabled (User 'Default user')
O4 - .DEFAULT Startup: ADILOOK Français sur disque C.LNK.disabled (User 'Default user')
O4 - Startup: Image Transfer.lnk.disabled
O4 - Startup: ADILOOK Français sur disque C.LNK.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Recherche &Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Pages similaires - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Pages liées - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\TOOLS\IESDPB.DLL
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O15 - Trusted Zone: http://www.habitec2000.com
O15 - Trusted Zone: www.tfou.com
O15 - Trusted Zone: www.lespac.com
O15 - Trusted Zone: www.libertin.ca
O15 - Trusted Zone: www.petitmonde.com
O15 - Trusted Zone: www.hotmail.com
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {DC765522-D5BE-49C9-AF5F-8C715A44BA28} (MS Investor Ticker) - http://fdl.msn.com/public/investor/v9/ticker.cab
O16 - DPF: {D32E12A5-F4E1-4F99-8C80-4A0C494430A5} (MsgAlertButton Class) - http://www.meetstream.com/activex/messagealert2/NewMsgButton.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
End of file - 7778 bytes
ET CELUI LA AUSSI
Spyware Doctor Activity Report
Generated on 07-11-02 22:08:24 Spyware Doctor Homepage PC Tools Homepage Technical Support
Scans (basic information only):
Scan Results:
scan start: 07-11-02 22:10:49
scan stop: 07-11-02 23:43:49
scanned items: 94036
found items: 44
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner
Infection Name Location Risk
Elitemedia Pop64 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net High
Elitemedia Pop64 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net## High
Elitemedia Pop64 HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\elitemediagroup.net##* High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll## High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll##.Owner High
QD2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/installer.dll##{01347765-1965-426B-91A4-AA6BB342B9A3} High
Slagent HKCU\Software\mc Elevated
Slagent HKCU\Software\mc## Elevated
Slagent HKCU\Software\mc##remove Elevated
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie## High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache## High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##0 High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##1 High
Trojan.StartPage.GEN HKCU\Software\Microsoft\Multimedia\ActiveMovie\Filter Cache##2 High
VX2.Look2Me C:\WINDOWS\Temporary Internet Files\Content.IE5\8H6JG5MZ\88_31banner[1].jpg High
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@xiti[7].txt Medium
Advertising C:\WINDOWS\Cookies\melissa@infospace[1].txt Low
Advertising C:\WINDOWS\Cookies\vectra@kount[1].txt (Remnant) Low
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@servlet[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\vectra@xiti[2].txt (Remnant) Medium
Advertising C:\WINDOWS\Cookies\vectra@70062990[1].txt (Remnant) Low
Tracking Cookie(s) C:\WINDOWS\Cookies\vectra@atwola[1].txt (Remnant) Medium
Rogue Anti-Spyware Products C:\WINDOWS\Cookies\vectra@regman.freeze[1].txt (Remnant) High
Known Bad Sites C:\WINDOWS\Cookies\melissa@tracker.affistats[1].txt (Remnant) High
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@vip.clickzs[1].txt (Remnant) Medium
Common Components for Claria C:\WINDOWS\Cookies\melissa@belnk[1].txt (Remnant) Elevated
Lop.com C:\WINDOWS\Cookies\melissa@gestion[1].txt (Remnant) High
Common Components for Claria C:\WINDOWS\Cookies\melissa@dist.belnk[2].txt (Remnant) Elevated
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@ringo[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@123count[2].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@ad.cibleclick[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@click-fr[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@m.webtrends[2].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@monstermarketplace[1].txt (Remnant) Medium
Tracking Cookie(s) C:\WINDOWS\Cookies\melissa@www.monstermarketplace[2].txt (Remnant) Medium
Advertising C:\WINDOWS\Cookies\melissa@cgi-bin[1].txt (Remnant) Low
Grokster C:\WINDOWS\smdat32m.sys Medium
Instant Access C:\WINDOWS\SYSTEM\msclock32.dll High
Marketscore Netsetter C:\WINDOWS\SYSTEM\rk.bin Medium
Marketscore Netsetter C:\WINDOWS\SYSTEM\rk.exe Medium
NetObserve C:\WINDOWS\unvise32.exe High
Other Sections:
Copyright ? 2003-2005. Distributed by PC Tools. Legal Notice
sigs
Click to go back
SVP AIDEZ MOI!!!!!!!!!!!!!!!!!!!!!
Configuration: Windows 98
Internet Explorer 6.0
A voir également:
- Mon pc va de plus en plus mal..
- Plus de son sur mon pc - Guide
- Mon pc est lent - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Mon pc acer ne démarre plus windows 10 - Guide
1 réponse
Bonsoir,
as-tu vraiment confiance en tous ces sites ?
O15 - Trusted Zone: http://www.habitec2000.com
O15 - Trusted Zone: www.tfou.com
O15 - Trusted Zone: www.lespac.com
O15 - Trusted Zone: www.libertin.ca
O15 - Trusted Zone: www.petitmonde.com
O15 - Trusted Zone: www.hotmail.com
ensuite
désinstalle spyware doctor, ça ne sert à rien d'avoir un outil si on ne peut pas supprimer les infections avec.
télécharge superantispyware (version free gratuite) : https://www.superantispyware.com/superantispywarefreevspro.html
tu trouveras ici https://www.malekal.com/?s=SUPERAntiSpyware un tutorial pour t'aider à l'installation et au paramétrage
fais un nettoyage, et postes un nouveau hijackthis ensuite.
as-tu vraiment confiance en tous ces sites ?
O15 - Trusted Zone: http://www.habitec2000.com
O15 - Trusted Zone: www.tfou.com
O15 - Trusted Zone: www.lespac.com
O15 - Trusted Zone: www.libertin.ca
O15 - Trusted Zone: www.petitmonde.com
O15 - Trusted Zone: www.hotmail.com
ensuite
désinstalle spyware doctor, ça ne sert à rien d'avoir un outil si on ne peut pas supprimer les infections avec.
télécharge superantispyware (version free gratuite) : https://www.superantispyware.com/superantispywarefreevspro.html
tu trouveras ici https://www.malekal.com/?s=SUPERAntiSpyware un tutorial pour t'aider à l'installation et au paramétrage
fais un nettoyage, et postes un nouveau hijackthis ensuite.
