verdy-verda Posté 28 Novembre 2007 Posté 28 Novembre 2007 Bien voila je ne sais plus koi faire apres mille tentatives avec f-secure ,ad-aware ,spybot Voici le log de hijackthis: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:27:30, on 28/11/2007Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\netdde.exeC:\WINDOWS\Explorer.EXEC:\Program Files\F-Secure\Common\FSM32.EXEC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXEC:\Program Files\F-Secure\Anti-Virus\fsgk32st.exeC:\Program Files\F-Secure\Anti-Virus\FSGK32.EXEC:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exeC:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exeC:\Program Files\F-Secure\Common\FSMA32.EXEC:\Program Files\F-Secure\Common\FSMB32.EXEC:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\F-Secure\Anti-Virus\fssm32.exeC:\Program Files\F-Secure\Common\FCH32.EXEC:\Program Files\F-Secure\Common\FAMEH32.EXEC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\Synerway\SYNERB~1\bin\ESAVDA~1.EXEC:\WINDOWS\System32\tlntsvr.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\F-Secure\Common\FNRB32.EXEC:\Program Files\F-Secure\Common\FIH32.EXEC:\Program Files\F-Secure\Anti-Virus\fsav32.exeC:\Program Files\F-Secure\FSGUI\fsguiexe.exeC:\WINDOWS\System32\wuauclt.exeC:\PROGRA~1\MOZILL~1\FIREFOX.EXEC:\Program Files\Yahoo!\Messenger\ymsgr_tray.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html"]http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html[/url]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html"]http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html[/url]R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.yahoo.com/"]http://www.yahoo.com/[/url]R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [url="http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com"]http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com[/url]R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.111.1:800R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensO2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splashO4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Add to Windows &Live Favorites - [url="http://favorites.live.com/quickadd.aspx"]http://favorites.live.com/quickadd.aspx[/url]O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dllO9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - [url="http://support.euro.dell.com/systemprofiler/SysPro.CAB"]http://support.euro.dell.com/systemprofiler/SysPro.CAB[/url]O16 - DPF: {E111B6BD-3B91-410E-A989-F3392676AF34} (PSVRecImage Control) - [url="http://www.e-ccgnet.com:8084/push01.cab"]http://www.e-ccgnet.com:8084/push01.cab[/url]O16 - DPF: {E6ACF817-0A85-4EBE-9F0A-096C6488CFEA} (NTR ActiveX 1.1.8) - [url="https://www.ntrconnect.com/main/mod/setup/ntractivex118_24.cab"]https://www.ntrconnect.com/main/mod/setup/n...tivex118_24.cab[/url]O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLLO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXEO23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXEO23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exeO23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXEO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: MSSQLSERVER - Unknown owner - C:\PROGRA~1\MI6841~1\80\Tools\binn\sqlservr.exe (file missing)O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)O23 - Service: MySQL5 - Unknown owner - C:\Program.exe (file missing)O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exeO23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exeO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exeO23 - Service: SQLSERVERAGENT - Unknown owner - C:\PROGRA~1\MI6841~1\80\Tools\binn\sqlagent.exe (file missing)O23 - Service: Synerbox Backup (SynerboxBackup) - Unknown owner - C:\PROGRA~1\Synerway\SYNERB~1\bin\ESAVDA~1.EXE--End of file - 8762 bytes A l'aide svp !!!
Sujets conseillés
Veuillez vous connecter pour commenter
Vous pourrez laisser un commentaire après vous êtes connecté.
Connectez-vous maintenant