Carpe diem var (encore...)
MBN2008
Messages postés
6
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
N'étant pas un spécialiste en maintenance informatique, je fais de mon mieux pour gérer seul les problèmes rencontrés. Je partage le PC avec diverses personnes (chacun dispose d'un identifiant). Ma licence antivirus étant périmée, j'ai désinstallé celuii-ci et ai installé une version récente de avast! antivirus. Malheureusement, celui-ci ne permet pas de réparer certains fichiers virusés... mais le scan n'indique plus de virus à part les fichiers déjà mis en quarantaine. Enfin, j'ai scanné les disques avec Spybot et là encore je découvre qu'il n'arrive pas à éliminer ce sacré "carpe diem var".
Voici ce que donne le rapport Hijackthis...
Logfile of HijackThis v1.99.1
Scan saved at 18:03:20, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\DitExp.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\Twain_32\SlimU2TA\HotKey.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Michel\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.proximus.be/pickx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Tiscali
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {740873E1-AA47-DCEE-488F-1A53F3879B37} - Bogobot.dll (file missing)
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {4f7e9d97-bee7-4f55-811d-19f15f2120ad} - C:\WINDOWS\system32\wvUKbCsT.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {8e1a2014-ff23-570b-3b94-36f21886882b} - {b2886881-2f63-49b3-b075-32ff4102a1e8} - C:\WINDOWS\system32\kxhrqk.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: (no name) - {fe1ccc99-63d7-4785-b394-ba1556ca9eda} - C:\WINDOWS\system32\tuvuSjIC.dll (file missing)
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: gksraemq - {A91B590B-67E6-4CB4-8741-423AD91E8C1A} - C:\WINDOWS\gksraemq.dll (file missing)
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\SlimU2TA\HotKey.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [systemdll] qwe.exe
O4 - HKLM\..\Run: [Testimonials] MNTP.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SMrhcj5oj0eje3] C:\Program Files\rhcj5oj0eje3\rhcj5oj0eje3.exe
O4 - HKLM\..\Run: [\YUR31.exe] C:\Windows\system32\YUR31.exe
O4 - HKLM\..\Run: [\YUR34.exe] C:\Windows\system32\YUR34.exe
O4 - HKLM\..\Run: [\YUR35.exe] C:\Windows\system32\YUR35.exe
O4 - HKLM\..\Run: [\YUR36.exe] C:\Windows\system32\YUR36.exe
O4 - HKLM\..\Run: [\YUR3B.exe] C:\Windows\system32\YUR3B.exe
O4 - HKLM\..\Run: [\YUR4C.exe] C:\Windows\system32\YUR4C.exe
O4 - HKLM\..\Run: [\YUR4E.exe] C:\Windows\system32\YUR4E.exe
O4 - HKLM\..\Run: [\YUR4D.exe] C:\Windows\system32\YUR4D.exe
O4 - HKLM\..\Run: [\YUR4F.exe] C:\Windows\system32\YUR4F.exe
O4 - HKLM\..\Run: [\YUR5B.exe] C:\Windows\system32\YUR5B.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKLM\..\Run: [\YUR56.exe] C:\Windows\system32\YUR56.exe
O4 - HKLM\..\Run: [\YUR96.exe] C:\Windows\system32\YUR96.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [04e92ee5] rundll32.exe "C:\WINDOWS\system32\yfyicbvo.dll",b
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [UnSpyPC] C:\Program Files\UnSpyPC\UnSpyPC.exe
O4 - HKCU\..\Run: [XTermInit] MsNetHelper.exe
O4 - HKCU\..\Run: [SysEntry] hyandex.exe
O4 - HKCU\..\Run: [WinInitDll] qwe.exe
O4 - HKCU\..\Run: [WinButler] C:\Documents and Settings\Michel\Application Data\WinButler\WinButler.exe
O4 - HKCU\..\Run: [SfKg6wIPu] C:\Documents and Settings\Michel\Application Data\Microsoft\Windows\maiffs.exe
O4 - HKCU\..\Run: [\YUR31.exe] C:\Windows\system32\YUR31.exe
O4 - HKCU\..\Run: [\YUR34.exe] C:\Windows\system32\YUR34.exe
O4 - HKCU\..\Run: [\YUR35.exe] C:\Windows\system32\YUR35.exe
O4 - HKCU\..\Run: [\YUR36.exe] C:\Windows\system32\YUR36.exe
O4 - HKCU\..\Run: [\YUR3B.exe] C:\Windows\system32\YUR3B.exe
O4 - HKCU\..\Run: [\YUR4C.exe] C:\Windows\system32\YUR4C.exe
O4 - HKCU\..\Run: [\YUR4E.exe] C:\Windows\system32\YUR4E.exe
O4 - HKCU\..\Run: [\YUR4D.exe] C:\Windows\system32\YUR4D.exe
O4 - HKCU\..\Run: [\YUR4F.exe] C:\Windows\system32\YUR4F.exe
O4 - HKCU\..\Run: [\YUR5B.exe] C:\Windows\system32\YUR5B.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKCU\..\Run: [\YUR56.exe] C:\Windows\system32\YUR56.exe
O4 - HKCU\..\Run: [\YUR96.exe] C:\Windows\system32\YUR96.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.tiscali.com/
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {3AEA6239-7D97-4B70-A342-A824B55E5A5B} (Adam Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/fr/Eve.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - https://www.afternic.com/domains/downloadv3.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{106BD3E5-DA9E-4AE3-BF14-5C08BF751B6B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{639ADDA5-A070-41F4-A141-8B01F99EC8F0}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{106BD3E5-DA9E-4AE3-BF14-5C08BF751B6B}: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: kxhrqk.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wvukbcst - wvUKbCsT.dll (file missing)
O21 - SSODL: xrdwbfgn - {BEA10B61-2C40-4232-A757-AA40FD69BC11} - C:\WINDOWS\xrdwbfgn.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Quelqu'un peut-il me venir en aide?
Je rentre vers 23h00. Merci déjà pour vos conseils.
MBN
N'étant pas un spécialiste en maintenance informatique, je fais de mon mieux pour gérer seul les problèmes rencontrés. Je partage le PC avec diverses personnes (chacun dispose d'un identifiant). Ma licence antivirus étant périmée, j'ai désinstallé celuii-ci et ai installé une version récente de avast! antivirus. Malheureusement, celui-ci ne permet pas de réparer certains fichiers virusés... mais le scan n'indique plus de virus à part les fichiers déjà mis en quarantaine. Enfin, j'ai scanné les disques avec Spybot et là encore je découvre qu'il n'arrive pas à éliminer ce sacré "carpe diem var".
Voici ce que donne le rapport Hijackthis...
Logfile of HijackThis v1.99.1
Scan saved at 18:03:20, on 13/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\DitExp.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\Twain_32\SlimU2TA\HotKey.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Michel\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.proximus.be/pickx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Tiscali
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {740873E1-AA47-DCEE-488F-1A53F3879B37} - Bogobot.dll (file missing)
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: (no name) - {4f7e9d97-bee7-4f55-811d-19f15f2120ad} - C:\WINDOWS\system32\wvUKbCsT.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {8e1a2014-ff23-570b-3b94-36f21886882b} - {b2886881-2f63-49b3-b075-32ff4102a1e8} - C:\WINDOWS\system32\kxhrqk.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: (no name) - {fe1ccc99-63d7-4785-b394-ba1556ca9eda} - C:\WINDOWS\system32\tuvuSjIC.dll (file missing)
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O3 - Toolbar: gksraemq - {A91B590B-67E6-4CB4-8741-423AD91E8C1A} - C:\WINDOWS\gksraemq.dll (file missing)
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\SlimU2TA\HotKey.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [systemdll] qwe.exe
O4 - HKLM\..\Run: [Testimonials] MNTP.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SMrhcj5oj0eje3] C:\Program Files\rhcj5oj0eje3\rhcj5oj0eje3.exe
O4 - HKLM\..\Run: [\YUR31.exe] C:\Windows\system32\YUR31.exe
O4 - HKLM\..\Run: [\YUR34.exe] C:\Windows\system32\YUR34.exe
O4 - HKLM\..\Run: [\YUR35.exe] C:\Windows\system32\YUR35.exe
O4 - HKLM\..\Run: [\YUR36.exe] C:\Windows\system32\YUR36.exe
O4 - HKLM\..\Run: [\YUR3B.exe] C:\Windows\system32\YUR3B.exe
O4 - HKLM\..\Run: [\YUR4C.exe] C:\Windows\system32\YUR4C.exe
O4 - HKLM\..\Run: [\YUR4E.exe] C:\Windows\system32\YUR4E.exe
O4 - HKLM\..\Run: [\YUR4D.exe] C:\Windows\system32\YUR4D.exe
O4 - HKLM\..\Run: [\YUR4F.exe] C:\Windows\system32\YUR4F.exe
O4 - HKLM\..\Run: [\YUR5B.exe] C:\Windows\system32\YUR5B.exe
O4 - HKLM\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKLM\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKLM\..\Run: [\YUR56.exe] C:\Windows\system32\YUR56.exe
O4 - HKLM\..\Run: [\YUR96.exe] C:\Windows\system32\YUR96.exe
O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM\..\Run: [04e92ee5] rundll32.exe "C:\WINDOWS\system32\yfyicbvo.dll",b
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [UnSpyPC] C:\Program Files\UnSpyPC\UnSpyPC.exe
O4 - HKCU\..\Run: [XTermInit] MsNetHelper.exe
O4 - HKCU\..\Run: [SysEntry] hyandex.exe
O4 - HKCU\..\Run: [WinInitDll] qwe.exe
O4 - HKCU\..\Run: [WinButler] C:\Documents and Settings\Michel\Application Data\WinButler\WinButler.exe
O4 - HKCU\..\Run: [SfKg6wIPu] C:\Documents and Settings\Michel\Application Data\Microsoft\Windows\maiffs.exe
O4 - HKCU\..\Run: [\YUR31.exe] C:\Windows\system32\YUR31.exe
O4 - HKCU\..\Run: [\YUR34.exe] C:\Windows\system32\YUR34.exe
O4 - HKCU\..\Run: [\YUR35.exe] C:\Windows\system32\YUR35.exe
O4 - HKCU\..\Run: [\YUR36.exe] C:\Windows\system32\YUR36.exe
O4 - HKCU\..\Run: [\YUR3B.exe] C:\Windows\system32\YUR3B.exe
O4 - HKCU\..\Run: [\YUR4C.exe] C:\Windows\system32\YUR4C.exe
O4 - HKCU\..\Run: [\YUR4E.exe] C:\Windows\system32\YUR4E.exe
O4 - HKCU\..\Run: [\YUR4D.exe] C:\Windows\system32\YUR4D.exe
O4 - HKCU\..\Run: [\YUR4F.exe] C:\Windows\system32\YUR4F.exe
O4 - HKCU\..\Run: [\YUR5B.exe] C:\Windows\system32\YUR5B.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [\YURA.exe] C:\Windows\system32\YURA.exe
O4 - HKCU\..\Run: [\YUR56.exe] C:\Windows\system32\YUR56.exe
O4 - HKCU\..\Run: [\YUR96.exe] C:\Windows\system32\YUR96.exe
O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.tiscali.com/
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {3AEA6239-7D97-4B70-A342-A824B55E5A5B} (Adam Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/fr/Eve.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - https://www.afternic.com/domains/downloadv3.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{106BD3E5-DA9E-4AE3-BF14-5C08BF751B6B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{639ADDA5-A070-41F4-A141-8B01F99EC8F0}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{106BD3E5-DA9E-4AE3-BF14-5C08BF751B6B}: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: kxhrqk.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wvukbcst - wvUKbCsT.dll (file missing)
O21 - SSODL: xrdwbfgn - {BEA10B61-2C40-4232-A757-AA40FD69BC11} - C:\WINDOWS\xrdwbfgn.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Quelqu'un peut-il me venir en aide?
Je rentre vers 23h00. Merci déjà pour vos conseils.
MBN
A voir également:
- Carpe diem var (encore...)
- Carpe fishing simulator - Télécharger - Simulation
- Var matin gratuit - Télécharger - Médias et Actualité
- Indicatif var - Guide
- /Var/www/html/. - Forum Ubuntu
- /Var/www/html - Forum Linux / Unix
