yaness Posté(e) le 9 mars 2006 Partager Posté(e) le 9 mars 2006 Logfile of HijackThis v1.99.1 Scan saved at 11:29:45, on 2006-03-09 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\DOCUME~1\ALLUSE~1\DOCUME~1\backweb\4757941\Program\SERVIC~1.EXE C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Documents and Settings\All Users\Documents\Anti-Virus\fsgk32st.exe C:\Documents and Settings\All Users\Documents\backweb\4757941\program\fsbwsys.exe C:\Documents and Settings\All Users\Documents\Anti-Virus\FSGK32.EXE C:\Documents and Settings\All Users\Documents\Common\FSMA32.EXE C:\Documents and Settings\All Users\Documents\Common\FSMB32.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Documents and Settings\All Users\Documents\Anti-Virus\fssm32.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\All Users\Documents\Common\FCH32.EXE C:\Documents and Settings\All Users\Documents\Common\FAMEH32.EXE C:\Documents and Settings\All Users\Documents\FSPC\fspc.exe C:\Documents and Settings\All Users\Documents\FWES\Program\fsdfwd.exe C:\Documents and Settings\All Users\Documents\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Documents and Settings\All Users\Documents\Common\FSM32.EXE C:\Documents and Settings\All Users\Documents\FSGUI\ispnews.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Documents and Settings\All Users\Documents\FSGUI\fsguiexe.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Documents and Settings\All Users\Documents\backweb\4757941\Program\fspex.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\sistray.exe c:\progra~1\intern~1\iexplore.exe C:\Documents and Settings\All Users\Documents\FSGUI\fsavgui.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Vaness\Local Settings\Temporary Internet Files\Content.IE5\8TPHRGK2\HijackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zwbkytzhgdqrbjiww.com/91GO7kidk...r/mWWN6ZXI.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mix997.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.visionic.qc.ca/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Documents and Settings\All Users\Documents\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Documents and Settings\All Users\Documents\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Documents and Settings\All Users\Documents\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Documents and Settings\All Users\Documents\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [spySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [iNTERNET SURF PART BLEH] C:\Documents and Settings\All Users\Application Data\admin inside internet surf\build surf.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TosGbWatcher] "C:\Program Files\TOSHIBA\gigabeat room 2.0.2\TosGbWatcher.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Onlineabout] C:\DOCUME~1\Vaness\APPLIC~1\STOREF~1\multinameobj.exe O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [boontyBox] "C:\Program Files\Boonty\BoontyBox\BoontyBox.exe" /boot O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZC O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Afficher la &liste des sites Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Interrompre le filtre de la page Web - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Refuser ce site Web - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: &Autoriser ce site Web - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Documents and Settings\All Users\Documents\FSPC\fspcmsie.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing O14 - IERESET.INF: START_PAGE_URL=http://www.visionic.qc.ca/ O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kav...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1128111310171 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} (Progetto1.int_ver34) - http://advnt01.com/dialer/int_ver34.CAB O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Services de sécurité COGECO (BackWeb Plug-in - 4757941) - Unknown owner - C:\DOCUME~1\ALLUSE~1\DOCUME~1\backweb\4757941\Program\SERVIC~1.EXE O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Documents and Settings\All Users\Documents\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Documents and Settings\All Users\Documents\backweb\4757941\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Documents and Settings\All Users\Documents\FWES\Program\fsdfwd.exe O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Documents and Settings\All Users\Documents\FSPC\fshttps\fshttps.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Documents and Settings\All Users\Documents\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe merci bien jespere ke mon rapport est complet Comment on fait pour deleter el virus trojan.win32.starter???????? Lien vers le commentaire Partager sur d’autres sites More sharing options...
kool56 Posté(e) le 9 mars 2006 Partager Posté(e) le 9 mars 2006 Il est très complet, superbe. Il y a juste un "hic". Il a à être posté dans la centralisation ad hoc. Ainsi, du "hic", tu passeras au "hoc" et hop tu (h)obtiendras une réponse. Ou alors, vise la signature de snooky. Lien vers le commentaire Partager sur d’autres sites More sharing options...
chienbleu Posté(e) le 9 mars 2006 Partager Posté(e) le 9 mars 2006 Vise ma signature aussi Lien vers le commentaire Partager sur d’autres sites More sharing options...
Messages recommandés
Archivé
Ce sujet est désormais archivé et ne peut plus recevoir de nouvelles réponses.