Virus Win32 Besoin d'aide!
Houtou
-
Houtou -
Houtou -
Bonjour,
J'ai apparemment le virus 32, il veut pas partir.
J'ai un log de HijackThis. Pouvez vous m'aider pour la suite?
Merci d'avance.
Log:
Logfile of HijackThis v1.99.1
Scan saved at 23:06:19, on 10/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.exe
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
D:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\MICROS~1\rapimgr.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\Program Files\Eset\nod32.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\WINDOWS\system32\msiexec.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\MsiExec.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://outlook.live.com/owa/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.american-onlines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe "D:\WINDOWS\KesenjanganSosial.exe"
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <title>Welcome to Yahoo! GeoCities - Your Home on the Web ®</title>
O1 - Hosts: </head>
O1 - Hosts: <body bgcolor=#ffffff>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE --><center>
O1 - Hosts: <table border=0 width=600 cellspacing=0 cellpadding=0><tr><td width="1%"><a href="https://smallbusiness.yahoo.com/"><img
O1 - Hosts: src=http://us.i1.yimg.com/us.yimg.com/i/us/geo/ygeo.gif width=305 height=36 border=0 alt="Yahoo! GeoCities"></a></td><td><table border=0 cellspacing=0 cellpadding=0 width="100%"><tr><td align=right valign=bottom nowrap><font face=arial size=-1><a href="https://fr.yahoo.com/?p=us">Yahoo!</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </font>
O1 - Hosts: </td></tr></table><hr size=1></td></tr></table>
O1 - Hosts: <br>
O1 - Hosts: <table width=600 cellpadding=4 cellspacing=0 border=0>
O1 - Hosts: <tr bgcolor=003399><td><font face=arial size=+1 color=ffffff><b>Sorry, the site you requested is inactive.</b></font></td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: <br>
O1 - Hosts: <table width="600" border="0" cellspacing="0" cellpadding="0"><tr><td align=center valign=top>
O1 - Hosts: <table width="100%" cellpadding=1 cellspacing=0 border=0 bgcolor=dcdcdc><tr><td valign=top>
O1 - Hosts: <table width="100%" cellpadding=4 cellspacing=0 border=0 bgcolor=ffffee><tr><td valign=top>
O1 - Hosts: <font face=arial size=-1>
O1 - Hosts: This GeoCities site has been deactivated due to inactivity.
O1 - Hosts: <p>
O1 - Hosts: <strong>Are you the site owner?</strong> <br>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/">Click here</a> to reactivate your site.
O1 - Hosts: <p>
O1 - Hosts: <strong>Are you a visitor?</strong> Try a search below.
O1 - Hosts: </font>
O1 - Hosts: <br><br>
O1 - Hosts: </td></tr></table></td></tr></table>
O1 - Hosts: </td></tr></table>
O1 - Hosts: <br>
O1 - Hosts: <table width="600" cellpadding=4 cellspacing=0 border=0 bgcolor=eeeeee><tr><td valign=top>
O1 - Hosts: <font face=arial size=-1><b>Search Yahoo! GeoCities</b></font></td></tr></table>
O1 - Hosts: <br><form action="https://smallbusiness.yahoo.com/" method=get>
O1 - Hosts: <input size=32 name=p value=""> <input type=submit value="Search"><p>
O1 - Hosts: <p>
O1 - Hosts: <strong><font face=arial size=-1>Advanced GeoCities search options </font></strong>
O1 - Hosts: <p>
O1 - Hosts: <table border=0 cellpadding=2 cellspacing=0>
O1 - Hosts: <tr><td valign=top>
O1 - Hosts: <table border=0 cellpadding=1 cellspacing=0>
O1 - Hosts: <tr><td colspan=2><font face=arial size=-1><b>Option 1</b></font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=i checked></td><td><font face=arial size=-1>Intelligent default</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=p></td><td><font face=arial size=-1>An exact phrase match</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=a></td><td><font face=arial size=-1>Matches on all words (AND)</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=o></td><td><font face=arial size=-1>Matches on any word (OR)</font></td></tr></table>
O1 - Hosts: </td><td> </td><td valign=top>
O1 - Hosts: <table border=0 cellpadding=1 cellspacing=0>
O1 - Hosts: <tr><td colspan=2><font face=arial size=-1><b>Option 2</b></font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=h value=c ></td><td><font face=arial size=-1>Yahoo! GeoCities Categories</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=h value=s checked></td><td><font face=arial size=-1>Yahoo! GeoCities Web Sites</font></td></tr></table>
O1 - Hosts: </td></tr></table>
O1 - Hosts: </form>
O1 - Hosts: <p>
O1 - Hosts: <br>
O1 - Hosts: <table cellpadding=0 cellspacing=0 border=0 width=675><tr><td bgcolor=a0b8c8>
O1 - Hosts: <table cellpadding=1 cellspacing=1 border=0 width="100%">
O1 - Hosts: <tr valign=top bgcolor=ffffff><td align=center>
O1 - Hosts: <font face=arial size=-2><A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://address.yahoo.com/">Address Book</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://alerts.yahoo.com/">Alerts</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://auctions.yahoo.com/">Auctions</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://billpay.yahoo.com/">Bill Pay</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://bookmarks.yahoo.com/">Bookmarks</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://briefcase.yahoo.com/">Briefcase</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://broadcast.yahoo.com/">Broadcast</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://calendar.yahoo.com/">Calendar</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://chat.yahoo.com/">Chat</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://classifieds.yahoo.com/">Classifieds</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://clubs.yahoo.com/">Clubs</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://companion.yahoo.com/">Companion</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://experts.yahoo.com/">Experts</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://games.yahoo.com/">Games</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://greetings.yahoo.com/">Greetings</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://geocities.yahoo.com/">Home Pages</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://invites.yahoo.com/">Invites</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://mail.yahoo.com/">Mail</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://maps.yahoo.com/">Maps</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://members.yahoo.com/">Member Directory</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://messenger.yahoo.com/">Messenger</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://my.yahoo.com/">My Yahoo!</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://news.yahoo.com/">News</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://paydirect.yahoo.com/">PayDirect</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://people.yahoo.com/">People Search</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://personals.yahoo.com/">Personals</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://photos.yahoo.com/">Photos</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://shopping.yahoo.com/">Shopping</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://sports.yahoo.com/">Sports</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://finance.yahoo.com/">Stock Quotes</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://tv.yahoo.com/">TV</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://travel.yahoo.com/">Travel</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://weather.yahoo.com/">Weather</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://www.yahooligans.com/">Yahooligans</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://yp.yahoo.com/">Yellow Pages</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://docs.yahoo.com/docs/family/more.html">more...</A>
O1 - Hosts: </font></td></tr></table></td></tr></table>
O1 - Hosts: <p><center><hr noshade size=1 width="675"><table border=0 cellpadding=0 cellspacing=0><tr><td align=center valign=bottom width="100%"><font size="-2" face=arial>Copyright © 2004 <a href="https://fr.yahoo.com/?p=us" target="_top">Yahoo! Inc.</a> All rights reserved.<br><b>NOTICE: We collect personal information on this site. To learn more about how we use your information, see our <a href="https://www.verizonmedia.com/policies/" target="_top">Yahoo Privacy Policy</a></b></font></td></tr></table></center>
O1 - Hosts: </body>
O1 - Hosts: </html>
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - D:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - D:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tok-Cirrhatus-5325] "D:\Documents and Settings\Administrateur.PNX\Local Settings\Application Data\smss.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSN Messenger\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSN Messenger\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: OracleOraDb10g_home3TNSListener - Unknown owner - D:\oracle\product\10.1.0\db_3\BIN\TNSLSNR.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
J'ai apparemment le virus 32, il veut pas partir.
J'ai un log de HijackThis. Pouvez vous m'aider pour la suite?
Merci d'avance.
Log:
Logfile of HijackThis v1.99.1
Scan saved at 23:06:19, on 10/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.exe
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Microsoft ActiveSync\wcescomm.exe
D:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\MICROS~1\rapimgr.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
D:\Program Files\Eset\nod32.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\WINDOWS\system32\msiexec.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\MsiExec.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://outlook.live.com/owa/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.american-onlines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe "D:\WINDOWS\KesenjanganSosial.exe"
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <title>Welcome to Yahoo! GeoCities - Your Home on the Web ®</title>
O1 - Hosts: </head>
O1 - Hosts: <body bgcolor=#ffffff>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE --><center>
O1 - Hosts: <table border=0 width=600 cellspacing=0 cellpadding=0><tr><td width="1%"><a href="https://smallbusiness.yahoo.com/"><img
O1 - Hosts: src=http://us.i1.yimg.com/us.yimg.com/i/us/geo/ygeo.gif width=305 height=36 border=0 alt="Yahoo! GeoCities"></a></td><td><table border=0 cellspacing=0 cellpadding=0 width="100%"><tr><td align=right valign=bottom nowrap><font face=arial size=-1><a href="https://fr.yahoo.com/?p=us">Yahoo!</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </font>
O1 - Hosts: </td></tr></table><hr size=1></td></tr></table>
O1 - Hosts: <br>
O1 - Hosts: <table width=600 cellpadding=4 cellspacing=0 border=0>
O1 - Hosts: <tr bgcolor=003399><td><font face=arial size=+1 color=ffffff><b>Sorry, the site you requested is inactive.</b></font></td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: <br>
O1 - Hosts: <table width="600" border="0" cellspacing="0" cellpadding="0"><tr><td align=center valign=top>
O1 - Hosts: <table width="100%" cellpadding=1 cellspacing=0 border=0 bgcolor=dcdcdc><tr><td valign=top>
O1 - Hosts: <table width="100%" cellpadding=4 cellspacing=0 border=0 bgcolor=ffffee><tr><td valign=top>
O1 - Hosts: <font face=arial size=-1>
O1 - Hosts: This GeoCities site has been deactivated due to inactivity.
O1 - Hosts: <p>
O1 - Hosts: <strong>Are you the site owner?</strong> <br>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/">Click here</a> to reactivate your site.
O1 - Hosts: <p>
O1 - Hosts: <strong>Are you a visitor?</strong> Try a search below.
O1 - Hosts: </font>
O1 - Hosts: <br><br>
O1 - Hosts: </td></tr></table></td></tr></table>
O1 - Hosts: </td></tr></table>
O1 - Hosts: <br>
O1 - Hosts: <table width="600" cellpadding=4 cellspacing=0 border=0 bgcolor=eeeeee><tr><td valign=top>
O1 - Hosts: <font face=arial size=-1><b>Search Yahoo! GeoCities</b></font></td></tr></table>
O1 - Hosts: <br><form action="https://smallbusiness.yahoo.com/" method=get>
O1 - Hosts: <input size=32 name=p value=""> <input type=submit value="Search"><p>
O1 - Hosts: <p>
O1 - Hosts: <strong><font face=arial size=-1>Advanced GeoCities search options </font></strong>
O1 - Hosts: <p>
O1 - Hosts: <table border=0 cellpadding=2 cellspacing=0>
O1 - Hosts: <tr><td valign=top>
O1 - Hosts: <table border=0 cellpadding=1 cellspacing=0>
O1 - Hosts: <tr><td colspan=2><font face=arial size=-1><b>Option 1</b></font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=i checked></td><td><font face=arial size=-1>Intelligent default</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=p></td><td><font face=arial size=-1>An exact phrase match</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=a></td><td><font face=arial size=-1>Matches on all words (AND)</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=o value=o></td><td><font face=arial size=-1>Matches on any word (OR)</font></td></tr></table>
O1 - Hosts: </td><td> </td><td valign=top>
O1 - Hosts: <table border=0 cellpadding=1 cellspacing=0>
O1 - Hosts: <tr><td colspan=2><font face=arial size=-1><b>Option 2</b></font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=h value=c ></td><td><font face=arial size=-1>Yahoo! GeoCities Categories</font></td></tr>
O1 - Hosts: <tr><td witdth=1% valign=top> <input type=radio name=h value=s checked></td><td><font face=arial size=-1>Yahoo! GeoCities Web Sites</font></td></tr></table>
O1 - Hosts: </td></tr></table>
O1 - Hosts: </form>
O1 - Hosts: <p>
O1 - Hosts: <br>
O1 - Hosts: <table cellpadding=0 cellspacing=0 border=0 width=675><tr><td bgcolor=a0b8c8>
O1 - Hosts: <table cellpadding=1 cellspacing=1 border=0 width="100%">
O1 - Hosts: <tr valign=top bgcolor=ffffff><td align=center>
O1 - Hosts: <font face=arial size=-2><A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://address.yahoo.com/">Address Book</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://alerts.yahoo.com/">Alerts</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://auctions.yahoo.com/">Auctions</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://billpay.yahoo.com/">Bill Pay</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://bookmarks.yahoo.com/">Bookmarks</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://briefcase.yahoo.com/">Briefcase</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://broadcast.yahoo.com/">Broadcast</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://calendar.yahoo.com/">Calendar</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://chat.yahoo.com/">Chat</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://classifieds.yahoo.com/">Classifieds</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://clubs.yahoo.com/">Clubs</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://companion.yahoo.com/">Companion</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://experts.yahoo.com/">Experts</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://games.yahoo.com/">Games</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://greetings.yahoo.com/">Greetings</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://geocities.yahoo.com/">Home Pages</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://invites.yahoo.com/">Invites</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://mail.yahoo.com/">Mail</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://maps.yahoo.com/">Maps</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://members.yahoo.com/">Member Directory</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://messenger.yahoo.com/">Messenger</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://my.yahoo.com/">My Yahoo!</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://news.yahoo.com/">News</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://paydirect.yahoo.com/">PayDirect</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://people.yahoo.com/">People Search</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://personals.yahoo.com/">Personals</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://photos.yahoo.com/">Photos</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://shopping.yahoo.com/">Shopping</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://sports.yahoo.com/">Sports</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://finance.yahoo.com/">Stock Quotes</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://tv.yahoo.com/">TV</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://travel.yahoo.com/">Travel</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://weather.yahoo.com/">Weather</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://www.yahooligans.com/">Yahooligans</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://yp.yahoo.com/">Yellow Pages</A> · <A
O1 - Hosts: href="http://rd.yahoo.com/footer/?http://docs.yahoo.com/docs/family/more.html">more...</A>
O1 - Hosts: </font></td></tr></table></td></tr></table>
O1 - Hosts: <p><center><hr noshade size=1 width="675"><table border=0 cellpadding=0 cellspacing=0><tr><td align=center valign=bottom width="100%"><font size="-2" face=arial>Copyright © 2004 <a href="https://fr.yahoo.com/?p=us" target="_top">Yahoo! Inc.</a> All rights reserved.<br><b>NOTICE: We collect personal information on this site. To learn more about how we use your information, see our <a href="https://www.verizonmedia.com/policies/" target="_top">Yahoo Privacy Policy</a></b></font></td></tr></table></center>
O1 - Hosts: </body>
O1 - Hosts: </html>
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - D:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - D:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tok-Cirrhatus-5325] "D:\Documents and Settings\Administrateur.PNX\Local Settings\Application Data\smss.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSN Messenger\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSN Messenger\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: OracleOraDb10g_home3TNSListener - Unknown owner - D:\oracle\product\10.1.0\db_3\BIN\TNSLSNR.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - D:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
A voir également:
- Virus Win32 Besoin d'aide!
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
2 réponses
bonjour
tu n'es pas dans le bon forum tu dois allé ici
http://www.commentcamarche.net/forum/forum 7 virus securite
@+
tu n'es pas dans le bon forum tu dois allé ici
http://www.commentcamarche.net/forum/forum 7 virus securite
@+
