verdy-verda Posté 28 Novembre 2007 Partager Posté 28 Novembre 2007 Bien voila je ne sais plus koi faire apres mille tentatives avec f-secure ,ad-aware ,spybot Voici le log de hijackthis: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:27:30, on 28/11/2007Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\netdde.exeC:\WINDOWS\Explorer.EXEC:\Program Files\F-Secure\Common\FSM32.EXEC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXEC:\Program Files\F-Secure\Anti-Virus\fsgk32st.exeC:\Program Files\F-Secure\Anti-Virus\FSGK32.EXEC:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exeC:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exeC:\Program Files\F-Secure\Common\FSMA32.EXEC:\Program Files\F-Secure\Common\FSMB32.EXEC:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\F-Secure\Anti-Virus\fssm32.exeC:\Program Files\F-Secure\Common\FCH32.EXEC:\Program Files\F-Secure\Common\FAMEH32.EXEC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\Synerway\SYNERB~1\bin\ESAVDA~1.EXEC:\WINDOWS\System32\tlntsvr.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\F-Secure\Common\FNRB32.EXEC:\Program Files\F-Secure\Common\FIH32.EXEC:\Program Files\F-Secure\Anti-Virus\fsav32.exeC:\Program Files\F-Secure\FSGUI\fsguiexe.exeC:\WINDOWS\System32\wuauclt.exeC:\PROGRA~1\MOZILL~1\FIREFOX.EXEC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html"]http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html[/url]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html"]http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html[/url]R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.yahoo.com/"]http://www.yahoo.com/[/url]R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [url="http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com"]http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com[/url]R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.111.1:800R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensO2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splashO4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - [url="http://favorites.live.com/quickadd.aspx"]http://favorites.live.com/quickadd.aspx[/url]O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dllO9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - [url="http://support.euro.dell.com/systemprofiler/SysPro.CAB"]http://support.euro.dell.com/systemprofiler/SysPro.CAB[/url]O16 - DPF: {E111B6BD-3B91-410E-A989-F3392676AF34} (PSVRecImage Control) - [url="http://www.e-ccgnet.com:8084/push01.cab"]http://www.e-ccgnet.com:8084/push01.cab[/url]O16 - DPF: {E6ACF817-0A85-4EBE-9F0A-096C6488CFEA} (NTR ActiveX 1.1.8) - [url="https://www.ntrconnect.com/main/mod/setup/ntractivex118_24.cab"]https://www.ntrconnect.com/main/mod/setup/n...tivex118_24.cab[/url]O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLLO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXEO23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXEO23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exeO23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXEO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: MSSQLSERVER - Unknown owner - C:\PROGRA~1\MI6841~1\80\Tools\binn\sqlservr.exe (file missing)O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)O23 - Service: MySQL5 - Unknown owner - C:\Program.exe (file missing)O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exeO23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exeO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exeO23 - Service: SQLSERVERAGENT - Unknown owner - C:\PROGRA~1\MI6841~1\80\Tools\binn\sqlagent.exe (file missing)O23 - Service: Synerbox Backup (SynerboxBackup) - Unknown owner - C:\PROGRA~1\Synerway\SYNERB~1\bin\ESAVDA~1.EXE--End of file - 8762 bytes A l'aide svp !!! Lien vers le commentaire Partager sur d’autres sites More sharing options...
Sujets conseillés
Veuillez vous connecter pour commenter
Vous pourrez laisser un commentaire après vous êtes connecté.
Connectez-vous maintenant