j ai eue une attaque de 2 virus différent , il y en a un que j ai pas noté car j ai supprimer trop vite
le nom est win32 trojano-1267
sauf que dans ma zone de quarantaine il y a aussi ecris kernel 32 dll
winsock dll
wsock32 dll
la je sais pas quoi faire , car j ai fais un scan au démarrage , je pouvais alors supprimer les fichiers et le virus , mais ca me disais que cétait dans windows et demandais si j etais sure de vouloir faire ca .
il y avait réparé, mais ca fonctionne pas
et ignorer j ai fait ignore , il a découvert que 11 fichiers etait infectés mais ne dit pas lesquels.
jsais pas trop quoi faire avec ca la .
dah sti ca arrete pas , ca arrive en masse , il se propage jsais pas trop ca pas d allure en 10 minute j ai eue 2 nouvelles alertes , toujours le meme virus mais il affecte d autres fichiers quelque chose du genre , mais dans windows system32 grrrrrr mon ordi vas tu sauter ????????
merci bcp --Message edité par LeeLou le 2005-05-12 16:41:15--
virus au secourssssss jsuis bombardée
grrrrrrr, win32trojan 1267
poller exe infecté dans windowssystem 32
sti j ai fait un scan au démarrage , puis j ai supprimer le poller exe infecté ,
pis la apres 5 minutes sur le forum encore une alerte
virus 1267 trojan infecté poller exe dans windows system32
shittttttttttttt je sais pu quoi faire
poller exe infecté dans windowssystem 32
sti j ai fait un scan au démarrage , puis j ai supprimer le poller exe infecté ,
pis la apres 5 minutes sur le forum encore une alerte
virus 1267 trojan infecté poller exe dans windows system32
shittttttttttttt je sais pu quoi faire
[img]http://i42.tinypic.com/28u466t.png[/img]
ou la la
essaie le scan anti-virus en ligne http://www.secuser.com/outils/antivirus.htm
si tu as des problèmes à cause de ton pare-feu , tiens la touche control abaisser jusqu'au début du scan pour faire passer l'activex.
Bonne chance
essaie le scan anti-virus en ligne http://www.secuser.com/outils/antivirus.htm
si tu as des problèmes à cause de ton pare-feu , tiens la touche control abaisser jusqu'au début du scan pour faire passer l'activex.
Bonne chance
merci , le pire est que je supprime le fameux fichier quil dise infecté , mais jsais pas trop a chaque fois que j ai une alerte comme quoi j ai un virus dans ce fameux fichier exe de windows , c est toujours le meme fichier , que j ai évidemment supprimer 25 fois depuis hier soir .assez etrange que ce fichier sois toujours la quand pourtant je l ai supprimé
[img]http://i42.tinypic.com/28u466t.png[/img]
ouin ben jsais pas mais ca s enleve pas , j ai ad aware , j ai spybot , antivirus avast, le firewall de windows sp2 ,sti la ca en prends combien pour me débarasser de cette affaire la.
S en est plus drole du tout , c est toujours le meme qui entre plusieur fois par jour , il attaque sans cesse .Comme si quelqu un qui a mon adressse ip se faisait un plaisir de m attaquer a tout moment et tout le temps de la meme maniere grrrrrr
S en est plus drole du tout , c est toujours le meme qui entre plusieur fois par jour , il attaque sans cesse .Comme si quelqu un qui a mon adressse ip se faisait un plaisir de m attaquer a tout moment et tout le temps de la meme maniere grrrrrr
[img]http://i42.tinypic.com/28u466t.png[/img]
Ce trojan fait partie de la liste des trojans reconnus par le logiciel Avast.
VPS 0519-2, 12.05.2005
Win32:Adan-040 [Adw], Win32:Adan-041 [Adw], Win32:Adan-042 [Adw], Win32:Adan-043 [Adw], Win32:Apropo-3 [Adw], Win32:Bancos-AO [Trj], Win32:Banker-BV [Trj], Win32NSChanger-D [Trj], Win32NSChanger-E [Trj], Win32ialer-361 [Trj], Win32ialer-362 [Trj], Win32ialer-363 [Trj], Win32:Eyeveg-C [Wrm], Win32:IstBar-AI [Trj], Win32:IstBar-AJ [Trj], Win32:LowZones-Z [Trj], Win32:Mytob-BY [Wrm], Win32:Puper-C [Trj], Win32:Puper-D [Trj], Win32:Puper-E [Trj], Win32:Puper-F [Trj], Win32:Rbot-UU [Trj], Win32:SdBot-2039 [Trj], Win32:SdBot-2041 [Trj], Win32:SdBot-2043 [Trj], Win32:Small-K [Trj], Win32:Small-L [Trj], Win32:StartPage-097 [Trj], Win32:StartPage-098 [Trj], Win32:Trojano-1259 [Trj], Win32:Trojano-1260 [Trj], Win32:Trojano-1261 [Trj], Win32:Trojano-1262 [Trj], Win32:Trojano-1263 [Trj], Win32:Trojano-1264 [Trj], Win32:Trojano-1265 [Trj], Win32:Trojano-1266 [Trj], Win32:Trojano-1267 [Trj], Win32:Trojano-1268 [Trj], Win32:Trojano-1269 [Trj] Win32:Trojano-1270 [Trj], Win32:Trojano-1271 [Trj], Win32:Trojano-1272 [Trj], Win32:Trojano-1273 [Trj]
-----------------------------------------------------------
As-tu essayé ton Avast en mode sans échec pour scanner ton ordi?? Parce que je vois qu'il devrait te l'enlever.
Désactive avant ta restauration de windows et refais le test avec Avast en mode sans échec.
Essaie avec ce lien de faire quelque chose: http://www.iavs.net/eng/down_cleaner.html
Et après, tu pourras peut-être faire un scan avec le logiciel Hijackthis que tu pourras mettre ici, et surement que Lucky Luke va pouvoir t'aider à y voir un peu plus clair.
Si tu ne l'as pas, tu peux aller le télécharger ici:
http://www.01net.com/telecharger/window ... 29061.html
Après l'avoir téléchargé, clique sur la filière zip pour le dézipper et mets le dans un répertoire comme: c:hijackthis
ensuite tu fais le scan et mets-nous une copie de ton log ici.
VPS 0519-2, 12.05.2005
Win32:Adan-040 [Adw], Win32:Adan-041 [Adw], Win32:Adan-042 [Adw], Win32:Adan-043 [Adw], Win32:Apropo-3 [Adw], Win32:Bancos-AO [Trj], Win32:Banker-BV [Trj], Win32NSChanger-D [Trj], Win32NSChanger-E [Trj], Win32ialer-361 [Trj], Win32ialer-362 [Trj], Win32ialer-363 [Trj], Win32:Eyeveg-C [Wrm], Win32:IstBar-AI [Trj], Win32:IstBar-AJ [Trj], Win32:LowZones-Z [Trj], Win32:Mytob-BY [Wrm], Win32:Puper-C [Trj], Win32:Puper-D [Trj], Win32:Puper-E [Trj], Win32:Puper-F [Trj], Win32:Rbot-UU [Trj], Win32:SdBot-2039 [Trj], Win32:SdBot-2041 [Trj], Win32:SdBot-2043 [Trj], Win32:Small-K [Trj], Win32:Small-L [Trj], Win32:StartPage-097 [Trj], Win32:StartPage-098 [Trj], Win32:Trojano-1259 [Trj], Win32:Trojano-1260 [Trj], Win32:Trojano-1261 [Trj], Win32:Trojano-1262 [Trj], Win32:Trojano-1263 [Trj], Win32:Trojano-1264 [Trj], Win32:Trojano-1265 [Trj], Win32:Trojano-1266 [Trj], Win32:Trojano-1267 [Trj], Win32:Trojano-1268 [Trj], Win32:Trojano-1269 [Trj] Win32:Trojano-1270 [Trj], Win32:Trojano-1271 [Trj], Win32:Trojano-1272 [Trj], Win32:Trojano-1273 [Trj]
-----------------------------------------------------------
As-tu essayé ton Avast en mode sans échec pour scanner ton ordi?? Parce que je vois qu'il devrait te l'enlever.
Désactive avant ta restauration de windows et refais le test avec Avast en mode sans échec.
Essaie avec ce lien de faire quelque chose: http://www.iavs.net/eng/down_cleaner.html
Et après, tu pourras peut-être faire un scan avec le logiciel Hijackthis que tu pourras mettre ici, et surement que Lucky Luke va pouvoir t'aider à y voir un peu plus clair.
Si tu ne l'as pas, tu peux aller le télécharger ici:
http://www.01net.com/telecharger/window ... 29061.html
Après l'avoir téléchargé, clique sur la filière zip pour le dézipper et mets le dans un répertoire comme: c:hijackthis
ensuite tu fais le scan et mets-nous une copie de ton log ici.
merci bcp je vais essayer ca , je commence presque a en rire , je viens tout juste d ouvrir la page du forum (je n ai pas rien fait avec l ordi depuis tantot) en ouvrant le forum la tite dame de avast me dit vous avez un virus grrrrrrr mettre en quarantaine , une vrai joke que ca reviens sans cesse comme ca --Message edité par LeeLou le 2005-05-14 11:46:59--
[img]http://i42.tinypic.com/28u466t.png[/img]
Logfile of HijackThis v1.99.1
Scan saved at 11:48:54, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesLexmark 4200 Serieslxbmbmgr.exe
C:Program FilesLexmark 4200 Serieslxbmbmon.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesWinampwinampa.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesSlySoftAnyDVDAnyDVD.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:DOCUMENTS AND SETTINGSVEROBUREAUHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:WINDOWSNail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:Program FilesWS_FTP Prowsbho2k0.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [Ulead AutoDetector] C:Program FilesUlead SystemsUlead Photo Explorer 8.0 SE BasicMonitor.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus! 3MsgPlus.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..RunOnce: [Index Washer] C:Program FilesWebrootWasherWashIdx.exe "Vero"
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - HKCU..RunOnce: [Index Washer] C:Program FilesWebrootWasherWashIdx.exe "Vero"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:Program FilesApache GroupApache2inApacheMonitor.exe
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:Program FilesApache GroupApache2inApache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
Scan saved at 11:48:54, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesLexmark 4200 Serieslxbmbmgr.exe
C:Program FilesLexmark 4200 Serieslxbmbmon.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesWinampwinampa.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesSlySoftAnyDVDAnyDVD.exe
C:Program FilesMessengerPlus! 3MsgPlus.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:DOCUMENTS AND SETTINGSVEROBUREAUHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe C:WINDOWSNail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:Program FilesWS_FTP Prowsbho2k0.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [Ulead AutoDetector] C:Program FilesUlead SystemsUlead Photo Explorer 8.0 SE BasicMonitor.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKLM..Run: [MessengerPlus3] "C:Program FilesMessengerPlus! 3MsgPlus.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..RunOnce: [Index Washer] C:Program FilesWebrootWasherWashIdx.exe "Vero"
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - HKCU..RunOnce: [Index Washer] C:Program FilesWebrootWasherWashIdx.exe "Vero"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:Program FilesApache GroupApache2inApacheMonitor.exe
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:Program FilesApache GroupApache2inApache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
[img]http://i42.tinypic.com/28u466t.png[/img]
Bon je vois que tu as mis ton scan Hijackthis, rendu là, je ne peux continuer à t'aider - c'est presque du chinois pour moi - je vais laisser faire Lucky Luke ou les autres plus experts en la matière.
Bizarre qu'il ne le voit pas Avast, parce que dans sa liste, il nous fait voir qu'il pourrait le détecter - tu as bien fais la mise à jour de tes définitions de virus????
Bon alors, je vais attendre les experts avec toi.
Bizarre qu'il ne le voit pas Avast, parce que dans sa liste, il nous fait voir qu'il pourrait le détecter - tu as bien fais la mise à jour de tes définitions de virus????
Bon alors, je vais attendre les experts avec toi.
oui la mise a jour est faite , avast le détect quand il entre , mais ensuite pas moyen de le trouver en passant le scan , et le fichier ne supprime pas réellement en tout cas , on va bien finir par trouver quelque chose
la j ai refait un scan en mode sans echec quand le virus m a encore attaquer alors j ai fait supprimer quand il l a trouver . alors j ai refait hijack this alors je mets ici ce que ca m a donné
ogfile of HijackThis v1.99.1
Scan saved at 19:13:12, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32LEXPPS.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesWebrootWasherwwDisp.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsVeroBureauHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:Program FilesWS_FTP Prowsbho2k0.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [Ulead AutoDetector] C:Program FilesUlead SystemsUlead Photo Explorer 8.0 SE BasicMonitor.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:Program FilesApache GroupApache2inApacheMonitor.exe
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:Program FilesApache GroupApache2inApache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
merci soleil
la j ai refait un scan en mode sans echec quand le virus m a encore attaquer alors j ai fait supprimer quand il l a trouver . alors j ai refait hijack this alors je mets ici ce que ca m a donné
ogfile of HijackThis v1.99.1
Scan saved at 19:13:12, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32LEXPPS.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesWebrootWasherwwDisp.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsVeroBureauHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:Program FilesWS_FTP Prowsbho2k0.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [Ulead AutoDetector] C:Program FilesUlead SystemsUlead Photo Explorer 8.0 SE BasicMonitor.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:Program FilesApache GroupApache2inApacheMonitor.exe
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:Program FilesApache GroupApache2inApache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
merci soleil
[img]http://i42.tinypic.com/28u466t.png[/img]
-
Lucky Luke
- Immortel du Domaine
- Messages : 14394
- Inscription : mer. nov. 26, 2003 1:00 am
à part ces 3 items que je cite en rouge à cocher et faire Fixed checked ...... ton log semble correct . repostes un nouveau log quand ca sera fait .
ogfile of HijackThis v1.99.1
Scan saved at 19:13:12, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32LEXPPS.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesWebrootWasherwwDisp.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsVeroBureauHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:Program FilesWS_FTP Prowsbho2k0.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [Ulead AutoDetector] C:Program FilesUlead SystemsUlead Photo Explorer 8.0 SE BasicMonitor.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:Program FilesApache GroupApache2inApacheMonitor.exe
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:Program FilesApache GroupApache2inApache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
ogfile of HijackThis v1.99.1
Scan saved at 19:13:12, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32LEXPPS.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesApache GroupApache2inApache.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesWebrootWasherwwDisp.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsVeroBureauHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:Program FilesWS_FTP Prowsbho2k0.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [Ulead AutoDetector] C:Program FilesUlead SystemsUlead Photo Explorer 8.0 SE BasicMonitor.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:Program FilesApache GroupApache2inApacheMonitor.exe
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:Program FilesApache GroupApache2inApache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
j ai fait ce que tu as dit
Logfile of HijackThis v1.99.1
Scan saved at 23:32:44, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32LEXPPS.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesLexmark 4200 Serieslxbmbmgr.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesWinampwinampa.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesSlySoftAnyDVDAnyDVD.exe
C:Program FilesWebrootWasherwwDisp.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe
C:Program FilesLexmark 4200 Serieslxbmbmon.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsVeroBureauHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
ca donne ca . reste a voir ci d ici 15 minutes m a encore avoir une alerte comme quoi j ai repogner le virus grrr
Logfile of HijackThis v1.99.1
Scan saved at 23:32:44, on 2005-05-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAheadInCDInCDsrv.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32LEXPPS.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesATI TechnologiesATI.ACEcli.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesMicrosoft HardwareKeyboard ype32.exe
C:Program FilesLexmark 4200 Serieslxbmbmgr.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesWinampwinampa.exe
C:Program FilesAheadInCDInCD.exe
C:Program FilesSlySoftAnyDVDAnyDVD.exe
C:Program FilesWebrootWasherwwDisp.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe
C:Program FilesLexmark 4200 Serieslxbmbmon.exe
C:Program FilesATI TechnologiesATI.ACECLI.exe
C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsVeroBureauHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [IntelliType] "C:Program FilesMicrosoft HardwareKeyboard ype32.exe"
O4 - HKLM..Run: [Lexmark 4200 Series] "C:Program FilesLexmark 4200 Serieslxbmbmgr.exe"
O4 - HKLM..Run: [FaxCenterServer4_in_1] "C:Program FilesLexmark 4200 SeriesFaxfm3032.exe" /s
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [MediaFace Integration] C:Program FilesFellowesMediaFACE 4.0SetHook.exe
O4 - HKLM..Run: [InCD] C:Program FilesAheadInCDInCD.exe
O4 - HKLM..Run: [AnyDVD] C:Program FilesSlySoftAnyDVDAnyDVD.exe
O4 - HKCU..Run: [Window Washer] C:Program FilesWebrootWasherwwDisp.exe
O4 - HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe -Hide
O4 - HKCU..Run: [Gadwin PrintScreen 2.6] C:Program FilesGadwin SystemsPrintScreenPrintScreen.exe /nosplash
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesFichiers communsAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:Program FilesAheadInCDInCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:Program FilesTGTSoftStyleXPStyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:WINDOWSsvcproc.exe
ca donne ca . reste a voir ci d ici 15 minutes m a encore avoir une alerte comme quoi j ai repogner le virus grrr
[img]http://i42.tinypic.com/28u466t.png[/img]