Retour à Forum Microsoft Windows

HijackThis log

  • SB
  • Moderator
  • Genius
  • Avatar de l’utilisateur
  • Inscription: Nov 16, 2004
  • Messages: 8685
  • Loc: Aberdeen, Scotland
  • Status: Offline

Message Septembre 24th, 2008, 4:08 am

Un autre détournement de ce journal.

Quote:
Logfile de HijackThis v1.99.1
Scan sauvé à 11:38:46, le 24/09/2008
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost. exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ drivers \ CDAC11BA.EXE
C: \ WINDOWS \ system32 \ drivers \ CDANTSRV.EXE
C: \ WINDOWS \ system32 \ Cisvc.exe
C: \ WINDOWS \ system32 \ inetsrv \ inetinfo.exe
C: \ Program Files \ McAfee \ SiteAdvisor \ McSACore.exe
C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
c: \ Program Files \ Common Files \ McAfee \ MNA \ mcnasvc. exe
c: \ PROGRA ~ 1 \ Common ~ 1 \ mcafee \ mcproxy \ mcproxy.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7DEBUG \ Mdm.exe
C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
C: \ Program Files \ McAfee \ MWL \ MwlSvc.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ Srvany.exe
C: \ Program Files \ burrotech \ courrier \ off_mail.exe
C: \ WINDOWS \ system32 \ slmdmsr.exe
c: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ WINDOWS \ System32 \ Snmp.exe
C: \ Program Files \ Java \ jre1.6. 0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ wfxsnt40.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ WorkFlowTray.exe
C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ Opware14.exe
C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ OpScheduler.exe
C: \ Program Files \ Adobe \ Acrobat 7.0 \ Distillr \ Acrotray.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ McAfee \ MWL \ MWLGui. exe
C: \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe
C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe
C: \ WINDOWS \ VM_STI.EXE
C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ PowerISO \ PWRISOVM.EXE
C: \ Program Files \ Unlocker \ UnlockerAssistant.exe
C: \ Program Files \ Thomson \ SpeedTouch USB \ dragdiag.exe
C: \ WINDOWS \ system32 \ lphc7jlj0eafg. exe
C: \ Program Files \ rhc3jlj0eafg \ rhc3jlj0eafg.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Phone \ Skype.exe
C: \ Program Files \ NOVOSOFT \ Handy Backup 3.5 \ hbagent.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
C: \ Documents and Settings \ James Campbell \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate. exe
C: \ WINDOWS \ system32 \ mqsvc.exe
C: \ orant \ BIN \ OLITRM36.EXE
C: \ WINDOWS \ system32 \ mqtgsvc.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe
C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Plugin Manager \ skypePM.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ ssu.exe
C: \ WINDOWS \ system32 \ cidaemon.exe
C: \ WINDOWS \ system32 \ cidaemon.exe
c: \ PROGRA ~ 1 \ mcafee \ VIRUSS ~ 1 \ mcvsshld. exe
C: \ WINDOWS \ system32 \ taskmgr.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Documents and Settings \ James Campbell \ Desktop \ HijackThis. exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://internetsearchservice.com/ie6.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://internetsearchservice.com/ie6.html
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://internetsearchservice.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Microsoft Internet Explorer fourni par BT Broadband Business
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyOverride = *. local
O2 - BHO: Yahoo! Companion BHO - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Skype add-on (mastermind) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - (27B4851A-3207-45A2-B947-BE8AFE6163AB) - c: \ PROGRA ~ 1 \ McAfee \ MSK \ mskapbho.dll
O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - c: \ PROGRA ~ 1 \ mcafee \ VIRUSS ~ 1 \ scriptsn. dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - (AE7CD045-E861-484f-8273-0445EE161910) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient. dll
O2 - BHO: McAfee SiteAdvisor BHO - (B164E929-A1B6-4A06-B104-2CD0E90A88FF) - c: \ PROGRA ~ 1 \ mcafee \ SITEAD ~ 1 \ mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - (BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb.dll
O2 - BHO: SpyWarningBHO Class - (F58FF278-2198-403b-9170-C95022A194C6) - C: \ Program Files \ ASpyC \ SpyWarning. dll (file missing)
O2 - BHO: 461942 helper - (F75B6637-89E2-4EA0-8343-F8BF98103654) - (no file)
O3 - Toolbar: Adobe PDF - (47833539-D0C5-4125-9FA8-0819E2EAAC93) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll
O3 - Toolbar: (no name) - (0BF43445-2F28-4351-9252-17FE6E806AA0) - (no file)
O3 - Toolbar: Windows Live Toolbar - (BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb. dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - (0EBBBE48-bad4-4B4C-8E5A-516ABECAE064) - c: \ PROGRA ~ 1 \ mcafee \ SITEAD ~ 1 \ mcieplg.dll
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [NvCplDaemon] "RUNDLL32.EXE" C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] "nwiz.exe" / install
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM \ .. \ Run: [SSBkgdUpdate] "C: \ Program Files \ Common Files \ Scansoft Shared \ SSBkgdUpdate \ ssbkgdupdate.exe"-Embedding-boot
O4 - HKLM \ .. \ Run: [WorkFlowTray] "C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ WorkFlowTray.exe"
O4 - HKLM \ .. \ Run: [Opware14] "C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ Opware14.exe"
O4 - HKLM \ .. \ Run: [OpScheduler] "C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ OpScheduler. exe "
O4 - HKLM \ .. \ Run: [NvMediaCenter] "RUNDLL32.EXE" C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Acrobat Assistant 7.0] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Distillr \ Acrotray.exe"
O4 - HKLM \ .. \ Run: [sonorisateur] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [Google Desktop Search] "C: \ Program Files \ Google \ Google Desktop Search \ GoogleDesktop.exe" / startup
O4 - HKLM \ .. \ Run: [MWLExe] "C: \ Program Files \ McAfee \ MWL \ MWLGui.exe" / Start
O4 - HKLM \ .. \ Run: [McENUI] "C: \ PROGRA ~ 1 \ McAfee \ MHN \ McENUI.exe" / cacher
O4 - HKLM \ .. \ Run: [USB2Check] "RUNDLL32.EXE" C: \ WINDOWS \ system32 \ PCLECoInst.dll ", CheckUSBController
O4 - HKLM \ .. \ Run: [TrueImageMonitor. exe] "C: \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe"
O4 - HKLM \ .. \ Run: [AcronisTimounterMonitor] "C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe"
O4 - HKLM \ .. \ Run: [Acronis Scheduler2 Service] "C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe"
O4 - HKLM \ .. \ Run: [BigDogPath] "C: \ WINDOWS \ VM_STI.EXE" PHILIPS PC Camera
O4 - HKLM \ .. \ Run: [Zune Launcher] "C: \ Program Files \ Zune \ ZuneLauncher. exe "
O4 - HKLM \ .. \ Run: [mcagent_exe] "C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe" / runkey
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [PWRISOVM.EXE] "C: \ Program Files \ PowerISO \ PWRISOVM.EXE"
O4 - HKLM \ .. \ Run: [UnlockerAssistant] "C: \ Program Files \ Unlocker \ UnlockerAssistant.exe"
O4 - HKLM \ .. \ Run: [SpeedTouch USB Diagnostics] "C: \ Program Files \ Thomson \ SpeedTouch USB \ dragdiag.exe" / icon
O4 - HKLM \ .. \ Run: [advap32] "C: \ Documents and Settings \ LocalService \ Application Data \ 1108750878.exe" / r
O4 - HKLM \ .. \ Run: [lphc7jlj0eafg] C: \ WINDOWS \ system32 \ lphc7jlj0eafg.exe
O4 - HKLM \ .. \ Run: [SMrhc3jlj0eafg] "C: \ Program Files \ rhc3jlj0eafg \ rhc3jlj0eafg. exe "
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [Skype] "C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Phone \ Skype.exe" / nosplash / minimiser
O4 - HKCU \ .. \ Run: [Handy Backup 3.5] "C: \ Program Files \ NOVOSOFT \ Handy Backup 3. 5 \ hbagent.exe "/ logon
O4 - HKCU \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] "C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Google Update] "C: \ Documents and Settings \ James Campbell \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe" / c
O4 - Startup: administrateur Oracle Lite Cleanup.lnk = C: \ orant \ BIN \ OLITRM36. EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk =?
O8 - Extra du menu contextuel: & Windows Live Search -- res://C : \ Program Files \ Windows Live Toolbar \ msntb.dll / search.htm
O8 - Extra du menu contextuel: Convertir la cible au format Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIECapture.html
O8 - Extra du menu contextuel: Convertir la cible à des PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient. dll / AcroIEAppend.html
O8 - Extra du menu contextuel: Convertir les liens sélectionnés au format Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIECaptureSelLinks.html
O8 - Extra du menu contextuel: Convertir liens existants PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIEAppendSelLinks.html
O8 - Extra du menu contextuel: Convertir la sélection au format Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7. 0 \ Acrobat \ AcroIEFavClient.dll / AcroIECapture.html
O8 - Extra du menu contextuel: Convertir la sélection au PDF existant -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIEAppend.html
O8 - Extra du menu contextuel: Convert to Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIECapture.html
O8 - Extra du menu contextuel: Convertir en PDF existant -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient. dll / AcroIEAppend.html
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra du menu contextuel: Ouvrir dans un nouvel onglet -- res://C : \ Program Files \ Windows Live Toolbar \ Components \ fr-fr \ msntabres.dll.mui/229? 6135ae7e39ab43b6bcc56c4e8f5e8190
O8 - Extra du menu contextuel: Ouvrir dans un nouvel onglet de premier -- res://C : \ Program Files \ Windows Live Toolbar \ Components \ fr-fr \ msntabres.dll. mui/230? 6135ae7e39ab43b6bcc56c4e8f5e8190
O8 - Extra du menu contextuel: Ouvrir le fichier PDF dans Word -- res://C : \ Program Files \ ScanSoft \ OmniPagePro14.0 \ PdfCnv \ IEShellExt.dll / 100
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv. dll
O9 - Extra button: Blog This - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra "Outils" menuitem: Ce Blog & Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Toolbars \ Internet Explorer \ SkypeIEPlugin. dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag. exe (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra button: Homepage - (434B94D1-DB7B-4E66-B4FD-6DD829E3D8D7) -- http://www.btopenworld.com/default (file missing) (HKCU)
O9 - Extra button: BT - (93048F06-E7F8-475B-8460-C8666E19633B) -- http://www.bt.com (file missing) (HKCU)
O10 - Unknown file dans Winsock LSP: c: \ program files \ bonjour \ mdnsnsp. dll
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21) (McAfee. com Operating System Class) -- http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: (BCC0FF27-31D9-4614-A68E-C18E1ADA4389) (DwnldGroupMgr Class) -- http://download.mcafee.com/molbin/share ... cgdmgr.cab
O16 - DPF: (CE8267C2-D41A-4A50-A69D-F32B5C289F14) (FileOpenInstaller) -- http://plugin.fileopen.com/current/FileOpen.CAB
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ WI1F86 ~ 1 \ MESSEN ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ WI1F86 ~ 1 \ MESSEN ~ 1 \ MSGRAP ~ 1. DLL
O18 - Protocol: sacore - (5513F07E-936B-4E52-9B00-067394E91CC5) - c: \ PROGRA ~ 1 \ mcafee \ SITEAD ~ 1 \ mcieplg.dll
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ PROGRA ~ 1 \ Common ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O20 - Winlogon Notify: WinCtrl32 - WinCtrl32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C: \ WINDOWS \ SYSTEM32 \ WRLogonNTF. dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O21 - SSODL: HcrTKU - (A0F5E923-0A5F-4389-8B0D-84B69A10F763) - C: \ WINDOWS \ system32 \ eeb.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: # #Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 ##(Bonjour Service) - Apple Computer, Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C: \ WINDOWS \ system32 \ drivers \ CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C: \ WINDOWS \ system32 \ drivers \ CDANTSRV.EXE
O23 - Service: CbEvnSvc - Unknown owner - C: \ WINDOWS \ System32 \ CbEvnSvc.exe
O23 - Service: CbEvtSvc - Unknown owner - C: \ WINDOWS \ System32 \ CbEvtSvc. exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Fichiers communs \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: MBackMonitor - McAfee - C: \ Program Files \ McAfee \ MBK \ MBackMonitor. exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C: \ Program Files \ McAfee \ SiteAdvisor \ McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc - c: \ Program Files \ Common Files \ McAfee \ MNA \ McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc - C: \ PROGRA ~ 1 \ Common ~ 1 \ mcafee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc - C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc - C: \ Program Files \ McAfee \ MWL \ MwlSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Office Mail - Unknown owner - C: \ WINDOWS \ Srvany.exe
O23 - Service: SmartLinkService (SLService) - - C: \ WINDOWS \ SYSTEM32 \ slmdmsr. exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C: \ WINDOWS \ system32 \ WFXSVC.EXE



Any help appreciated!
  • Anonymous
  • Bot
  • No Avatar
  • Inscription: 25 Feb 2008
  • Messages: ?
  • Loc: Ozzuland
  • Status: Online

Message Septembre 24th, 2008, 4:08 am

  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Inscription: Nov 21, 2006
  • Messages: 4924
  • Loc: NY
  • Status: Offline

Message Septembre 24th, 2008, 5:12 am

Supprimer ce que j'ai énumérés ci-après, sauf tout ce que j'ai dit que je n'étais pas sûr de ceux-ci sont à vous. Après cela, téléchargez de la lutte contre les logiciels malveillants http://www.malwarebytes.org l'installer et l'exécuter.


C: \ WINDOWS \ system32 \ lphc7jlj0eafg.exe

C: \ Program Files \ rhc3jlj0eafg \ rhc3jlj0eafg.exe

C: \ orant \ BIN \ OLITRM36.EXE
Pas sûr que ^^^^.

O2 - BHO: SpyWarningBHO Class - (F58FF278-2198-403b-9170-C95022A194C6) - C: \ Program Files \ ASpyC \ SpyWarning.dll (file missing)

O2 - BHO: 461942 helper - (F75B6637-89E2-4EA0-8343-F8BF98103654) - (no file)

O4 - HKLM \ .. \ Run: [advap32] "C: \ Documents and Settings \ LocalService \ Application Data \ 1108750878.exe" / r

O4 - HKLM \ .. \ Run: [lphc7jlj0eafg] C: \ WINDOWS \ system32 \ lphc7jlj0eafg.exe

O4 - HKLM \ .. \ Run: [SMrhc3jlj0eafg] "C: \ Program Files \ rhc3jlj0eafg \ rhc3jlj0eafg.exe"

O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
Il arrive que l'on peut être faux ^^^^.

O9 - Extra button: Homepage - (434B94D1-DB7B-4E66-B4FD-6DD829E3D8D7) -- http://www.btopenworld.com/default (file missing) (HKCU)


O9 - Extra button: BT - (93048F06-E7F8-475B-8460-C8666E19633B) -- http://www.bt.com (file missing) (HKCU)

O20 - Winlogon Notify: WinCtrl32 - WinCtrl32. dll (file missing)
How do you know when a politician is lying? His mouth is moving.
  • SB
  • Moderator
  • Genius
  • Avatar de l’utilisateur
  • Inscription: Nov 16, 2004
  • Messages: 8685
  • Loc: Aberdeen, Scotland
  • Status: Offline

Message Septembre 24th, 2008, 4:08 pm

Merci Don2007, malheureusement il ya toujours un problème.

Quote:
Logfile de HijackThis v1.99.1
Scan sauvé à 22:13:01, le 24/09/2008
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost. exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ drivers \ CDAC11BA.EXE
C: \ WINDOWS \ system32 \ drivers \ CDANTSRV.EXE
C: \ WINDOWS \ system32 \ Cisvc.exe
C: \ WINDOWS \ system32 \ inetsrv \ inetinfo.exe
C: \ Program Files \ McAfee \ SiteAdvisor \ McSACore.exe
C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
c: \ Program Files \ Common Files \ McAfee \ MNA \ mcnasvc. exe
c: \ PROGRA ~ 1 \ Common ~ 1 \ mcafee \ mcproxy \ mcproxy.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7DEBUG \ Mdm.exe
C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
C: \ Program Files \ McAfee \ MWL \ MwlSvc.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ Srvany.exe
C: \ Program Files \ burrotech \ courrier \ off_mail.exe
C: \ WINDOWS \ system32 \ slmdmsr.exe
C: \ WINDOWS \ System32 \ Snmp.exe
C: \ WINDOWS \ system32 \ svchost.exe
c: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent. exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ wfxsnt40.exe
C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ WorkFlowTray.exe
C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ Opware14.exe
C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ OpScheduler.exe
C: \ Program Files \ Adobe \ Acrobat 7.0 \ Distillr \ Acrotray.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ McAfee \ MWL \ MWLGui. exe
C: \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe
C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe
C: \ WINDOWS \ VM_STI.EXE
C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ PowerISO \ PWRISOVM.EXE
C: \ Program Files \ Unlocker \ UnlockerAssistant.exe
C: \ Program Files \ Thomson \ SpeedTouch USB \ dragdiag.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI. exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Phone \ Skype.exe
C: \ Program Files \ NOVOSOFT \ Handy Backup 3.5 \ hbagent.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe
C: \ Documents and Settings \ James Campbell \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe
C: \ WINDOWS \ system32 \ mqsvc.exe
C: \ WINDOWS \ system32 \ mqtgsvc.exe
C: \ orant \ BIN \ OLITRM36. EXE
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe
C: \ Documents and Settings \ NetworkService \ Application Data \ 1150630937.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ ssu.exe
C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Plugin Manager \ skypePM.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ Common Files \ McAfee \ HackerWatch \ HWUpdChk.exe
C: \ WINDOWS \ system32 \ cidaemon. exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ cidaemon.exe
C: \ Program Files \ Malwarebytes Anti-Malware \ mbam.exe
C: \ Documents and Settings \ James Campbell \ Desktop \ HijackThis. exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://internetsearchservice.com/ie6.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://internetsearchservice.com/ie6.html
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://internetsearchservice.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Microsoft Internet Explorer fourni par BT Broadband Business
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyOverride = *. local
O2 - BHO: Yahoo! Companion BHO - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ ycomp5_5_7_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Skype add-on (mastermind) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - (27B4851A-3207-45A2-B947-BE8AFE6163AB) - c: \ PROGRA ~ 1 \ McAfee \ MSK \ mskapbho.dll
O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - c: \ PROGRA ~ 1 \ mcafee \ VIRUSS ~ 1 \ scriptsn. dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - (AE7CD045-E861-484f-8273-0445EE161910) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient. dll
O2 - BHO: McAfee SiteAdvisor BHO - (B164E929-A1B6-4A06-B104-2CD0E90A88FF) - c: \ PROGRA ~ 1 \ mcafee \ SITEAD ~ 1 \ mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - (BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb.dll
O3 - Toolbar: Adobe PDF - (47833539-D0C5-4125-9FA8-0819E2EAAC93) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient. dll
O3 - Toolbar: Windows Live Toolbar - (BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - (0EBBBE48-bad4-4B4C-8E5A-516ABECAE064) - c: \ PROGRA ~ 1 \ mcafee \ SITEAD ~ 1 \ mcieplg.dll
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [NvCplDaemon] "RUNDLL32.EXE" C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] "nwiz. exe "/ install
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM \ .. \ Run: [SSBkgdUpdate] "C: \ Program Files \ Common Files \ Scansoft Shared \ SSBkgdUpdate \ ssbkgdupdate.exe"-Embedding-boot
O4 - HKLM \ .. \ Run: [WorkFlowTray] "C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ WorkFlowTray.exe"
O4 - HKLM \ .. \ Run: [Opware14] "C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ Opware14.exe"
O4 - HKLM \ .. \ Run: [OpScheduler] "C: \ Program Files \ ScanSoft \ OmniPagePro14.0 \ OpScheduler.exe"
O4 - HKLM \ .. \ Run: [NvMediaCenter] "RUNDLL32.EXE" C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Acrobat Assistant 7.0] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Distillr \ Acrotray.exe"
O4 - HKLM \ .. \ Run: [sonorisateur] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [Google Desktop Search] "C: \ Program Files \ Google \ Google Desktop Search \ GoogleDesktop.exe" / startup
O4 - HKLM \ .. \ Run: [MWLExe] "C: \ Program Files \ McAfee \ MWL \ MWLGui.exe" / Start
O4 - HKLM \ .. \ Run: [McENUI] "C: \ PROGRA ~ 1 \ McAfee \ MHN \ McENUI.exe" / cacher
O4 - HKLM \ .. \ Run: [USB2Check] "RUNDLL32.EXE" C: \ WINDOWS \ system32 \ PCLECoInst.dll ", CheckUSBController
O4 - HKLM \ .. \ Run: [TrueImageMonitor.exe] "C: \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe"
O4 - HKLM \ .. \ Run: [AcronisTimounterMonitor] "C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe"
O4 - HKLM \ .. \ Run: [Acronis Scheduler2 Service] "C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe"
O4 - HKLM \ .. \ Run: [BigDogPath] "C: \ WINDOWS \ VM_STI.EXE" PHILIPS PC Camera
O4 - HKLM \ .. \ Run: [Zune Launcher] "C: \ Program Files \ Zune \ ZuneLauncher.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] "C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe" / runkey
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched. exe "-osboot
O4 - HKLM \ .. \ Run: [PWRISOVM.EXE] "C: \ Program Files \ PowerISO \ PWRISOVM.EXE"
O4 - HKLM \ .. \ Run: [UnlockerAssistant] "C: \ Program Files \ Unlocker \ UnlockerAssistant.exe"
O4 - HKLM \ .. \ Run: [SpeedTouch USB Diagnostics] "C: \ Program Files \ Thomson \ SpeedTouch USB \ dragdiag.exe" / icon
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [lphc7jlj0eafg] C: \ WINDOWS \ system32 \ lphc7jlj0eafg.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [Skype] "C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Phone \ Skype.exe" / nosplash / minimiser
O4 - HKCU \ .. \ Run: [Handy Backup 3.5] "C: \ Program Files \ NOVOSOFT \ Handy Backup 3.5 \ hbagent.exe" / logon
O4 - HKCU \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] "C: \ Program Files \ Uniblue \ RegistryBooster 2 \ RegistryBooster.exe / S
O4 - HKCU \ .. \ Run: [Google Update] "C: \ Documents and Settings \ James Campbell \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe" / c
O4 - Startup: Oracle Lite Administrateur Cleanup.lnk = C: \ orant \ BIN \ OLITRM36. EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk =?
O8 - Extra du menu contextuel: & Windows Live Search -- res://C : \ Program Files \ Windows Live Toolbar \ msntb.dll / search.htm
O8 - Extra du menu contextuel: Convertir la cible au format Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIECapture.html
O8 - Extra du menu contextuel: Convertir la cible à des PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient. dll / AcroIEAppend.html
O8 - Extra du menu contextuel: Convertir les liens sélectionnés au format Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIECaptureSelLinks.html
O8 - Extra du menu contextuel: Convertir liens existants PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIEAppendSelLinks.html
O8 - Extra du menu contextuel: Convertir la sélection au format Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7. 0 \ Acrobat \ AcroIEFavClient.dll / AcroIECapture.html
O8 - Extra du menu contextuel: Convertir la sélection au PDF existant -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIEAppend.html
O8 - Extra du menu contextuel: Convert to Adobe PDF -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient.dll / AcroIECapture.html
O8 - Extra du menu contextuel: Convertir en PDF existant -- res://C : \ Program Files \ Adobe \ Acrobat 7.0 \ Acrobat \ AcroIEFavClient. dll / AcroIEAppend.html
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra du menu contextuel: Ouvrir dans un nouvel onglet -- res://C : \ Program Files \ Windows Live Toolbar \ Components \ fr-fr \ msntabres.dll.mui/229? 6135ae7e39ab43b6bcc56c4e8f5e8190
O8 - Extra du menu contextuel: Ouvrir dans un nouvel onglet de premier -- res://C : \ Program Files \ Windows Live Toolbar \ Components \ fr-fr \ msntabres.dll. mui/230? 6135ae7e39ab43b6bcc56c4e8f5e8190
O8 - Extra du menu contextuel: Ouvrir le fichier PDF dans Word -- res://C : \ Program Files \ ScanSoft \ OmniPagePro14.0 \ PdfCnv \ IEShellExt.dll / 100
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv. dll
O9 - Extra button: Blog This - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra "Outils" menuitem: Ce Blog & Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - C: \ WINDOWS \ system32 \ config \ systemprofile \ Desktop \ Toolbars \ Internet Explorer \ SkypeIEPlugin. dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag. exe (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O10 - Unknown file dans Winsock LSP: c: \ program files \ bonjour \ mdnsnsp. dll
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21) (McAfee. com Operating System Class) -- http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: (BCC0FF27-31D9-4614-A68E-C18E1ADA4389) (DwnldGroupMgr Class) -- http://download.mcafee.com/molbin/share ... cgdmgr.cab
O16 - DPF: (CE8267C2-D41A-4A50-A69D-F32B5C289F14) (FileOpenInstaller) -- http://plugin.fileopen.com/current/FileOpen.CAB
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ WI1F86 ~ 1 \ MESSEN ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ WI1F86 ~ 1 \ MESSEN ~ 1 \ MSGRAP ~ 1. DLL
O18 - Protocol: sacore - (5513F07E-936B-4E52-9B00-067394E91CC5) - c: \ PROGRA ~ 1 \ mcafee \ SITEAD ~ 1 \ mcieplg.dll
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ PROGRA ~ 1 \ Common ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C: \ WINDOWS \ SYSTEM32 \ WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj. dll
O21 - SSODL: HcrTKU - (A0F5E923-0A5F-4389-8B0D-84B69A10F763) - C: \ WINDOWS \ system32 \ eeb.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: ##Id_String1. 6844F930_1628_4223_B5CC_5BB94B879762 ##(Bonjour Service) - Apple Computer, Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C: \ WINDOWS \ system32 \ drivers \ CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C: \ WINDOWS \ system32 \ drivers \ CDANTSRV.EXE
O23 - Service: CbEvnSvc - Unknown owner - C: \ WINDOWS \ System32 \ CbEvnSvc.exe
O23 - Service: CbEvtSvc - Unknown owner - C: \ WINDOWS \ System32 \ CbEvtSvc. exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Fichiers communs \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: MBackMonitor - McAfee - C: \ Program Files \ McAfee \ MBK \ MBackMonitor. exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C: \ Program Files \ McAfee \ SiteAdvisor \ McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc - c: \ Program Files \ Common Files \ McAfee \ MNA \ McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc - C: \ PROGRA ~ 1 \ Common ~ 1 \ mcafee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc - C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc - C: \ Program Files \ McAfee \ MWL \ MwlSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Office Mail - Unknown owner - C: \ WINDOWS \ Srvany.exe
O23 - Service: SmartLinkService (SLService) - - C: \ WINDOWS \ SYSTEM32 \ slmdmsr. exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C: \ WINDOWS \ system32 \ WFXSVC.EXE


Im pas personnellement la fixation de ce qui est irritant. Toute autre idée sur ce qui pourrait être fait?

J'apprécie l'aide.
  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Inscription: Nov 21, 2006
  • Messages: 4924
  • Loc: NY
  • Status: Offline

Message Septembre 24th, 2008, 4:53 pm

J'ai eu un sentiment, il serait peut-être encore une question qui est la raison pour laquelle je propose de télécharger et d'exécuter malwarebytes anti malware http://www.malwarebytes.org
How do you know when a politician is lying? His mouth is moving.
  • SB
  • Moderator
  • Genius
  • Avatar de l’utilisateur
  • Inscription: Nov 16, 2004
  • Messages: 8685
  • Loc: Aberdeen, Scotland
  • Status: Offline

Message Septembre 24th, 2008, 5:08 pm

Problème avec qui quand vous faites le balayage rapide, ou le programme à long scan s'arrête. Je this qu'il s'arrête, parce que je ne peux pas dire avec certitude si l'ordinateur avant de réinitialiser le scanner ou ce qui se termine, car l'ordinateur est livré à lui-même.

J'ai installé sur mon ordinateur portable et fait un scan et il a été bon. Vu comment elle a conclu, de sorte Je savais ce que je pourrais dire à faire après avoir terminé le balayage, mais lorsque la personne revient à l'ordinateur, le programme n'est plus fait de son peu.

Voilà deux fois, il a été fait et rien.
  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Inscription: Nov 21, 2006
  • Messages: 4924
  • Loc: NY
  • Status: Offline

Message Septembre 25th, 2008, 5:52 am

Ils pensent que ça a cessé, mais il n'a pas fait. Vous devez lui donner une chance. Même l'analyse rapide peut prendre 20 minutes si il ya beaucoup de fichiers.
How do you know when a politician is lying? His mouth is moving.
  • SB
  • Moderator
  • Genius
  • Avatar de l’utilisateur
  • Inscription: Nov 16, 2004
  • Messages: 8685
  • Loc: Aberdeen, Scotland
  • Status: Offline

Message Septembre 25th, 2008, 3:37 pm

Ils ont fait un scan et j'ai vu tout au long, un message d'erreur surgit après l'analyse (qui a pris environ 3 heures car il ya beaucoup de fichiers) en disant qu'elle ne pouvait pas continuer. Le programme se ferme alors. Understandly une douleur dans la cuisse.
  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Inscription: Nov 21, 2006
  • Messages: 4924
  • Loc: NY
  • Status: Offline

Message Septembre 25th, 2008, 5:24 pm

Attendez une minute. Je viens de voir plus de choses qui devraient être supprimés en utilisant Hijack This.

O21 - SSODL: HcrTKU - (A0F5E923-0A5F-4389-8B0D-84B69A10F763) - C: \ WINDOWS \ system32 \ eeb.dll

O23 - Service: CbEvnSvc - Unknown owner - C: \ WINDOWS \ System32 \ CbEvnSvc.exe

O23 - Service: CbEvtSvc - Unknown owner - C: \ WINDOWS \ System32 \ CbEvtSvc.exe
How do you know when a politician is lying? His mouth is moving.
  • SB
  • Moderator
  • Genius
  • Avatar de l’utilisateur
  • Inscription: Nov 16, 2004
  • Messages: 8685
  • Loc: Aberdeen, Scotland
  • Status: Offline

Message Septembre 26th, 2008, 12:50 am

Merci Don2007, mal de voir comment et qui va vous permettre de savoir.

L'aide est vraiment appréciée.

Page 1 sur 1

Afficher de l'information

  • Total des messages de ce sujet: 9 messages
  • Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 95 invités
  • Vous ne pouvez pas poster de nouveaux sujets
  • Vous ne pouvez pas répondre aux sujets
  • Vous ne pouvez pas éditer vos messages
  • Vous ne pouvez pas supprimer vos messages
  • Vous ne pouvez pas joindre des fichiers
 
 

© 2011 Unmelted, LLC. Ozzu® est une marque déposée de Unmelted, LLC