Affichage sauvage pages publicitaires

4 réponses

christian.taburet

29/10/2007 à 14:30

Bonjour,

Je suis envahi par des pages publicitaires intempestives lorsque je
suis connect=E9 : pour un ant-virus, des offres de pr=EAts, de jeux de
casiono, etc. Je pense que des pgm importuns r=E9sident sur mon PC.
Ci joint le compte rendu de HiJackthis. Merci de me dire quoi faire et
comment =E9viter l'installation de ces pgm.
cordialement

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:06, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\CTSvcCDA.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\PROGRA~1\VeriSign\NAVI\NAVICL~1.EXE
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Network Associates\VirusScan\Webscanx.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\update.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =3D
http://www.2uid.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =3D
http://go.microsoft.com/fwlink/?LinkId=3D69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
=3D http://go.microsoft.com/fwlink/?LinkId=3D54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =3D
http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =3D
http://go.microsoft.com/fwlink/?LinkId=3D54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =3D
http://go.microsoft.com/fwlink/?LinkId=3D69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant
=3D http://2uid.info
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =3D
Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName
=3D Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-
A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-
nav_4_2_0.dll
R3 - URLSearchHook: (no name) - {8A4E1972-8F42-4B50-AA71-29DCA9F336BC}
- (no file)
O1 - Hosts: 8.4.112.108 L2authd.lineage2.com
O1 - Hosts: 8.4.112.108 L2testauthd.lineage2.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-
B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat
\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1D09A743-00ED-4713-BCC4-32D590D1087A} - (no
file)
O2 - BHO: ECarteBleueBrowserHelper Class -
{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS
\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:
\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no
file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-
CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier
\2.1.615.5858\swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
(no file)
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F}
- C:\Program Files\VeriSign\i-Nav\i-nav_4_2_0.dll
O3 - Toolbar: (no name) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - (no
file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS
\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video
\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video
\LogiTray.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro
\type32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime
\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE
\opware32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS
\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft
IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java
\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker
\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Ping upload extra road] C:\Documents and Settings
\All Users\Application Data\burn spam ping upload\First Face.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor
\SDTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe
\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech
\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe
appLaunchClientZone.shl|DEFAULT=3Dcnx|PARAM=3D
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
(User 'SERVICE R=C9SEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
(User 'Default user')
O4 - Startup: Utilitaire r=E9seau pour SAGEM Wi-Fi 11g USB adapter.lnk
=3D ?
O4 - Global Startup: Utilitaire r=E9seau pour SAGEM Wi-Fi 11g USB
adapter.lnk =3D ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263}
- C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F}
- http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-
A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/=
index.jsp
(file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F}
- C:\Program Files\VeriSign\i-Nav\i-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-
A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-
nav_4_2_0.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-
d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic
\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connex=
ion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messeng=
erStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} -
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
- C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {536600D3-70FE-4C50-92FB-640F6BFC49AD} (TeeChart Pro
Activex control v6) - http://www.ffjudo.com/ffjdanew/extranet/teechart6.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown
Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messeng=
erStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan
Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.c=
ab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games -
Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl
Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI
Registry Information Class) - http://security.symantec.com/sscv6/SharedCont=
ent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files
\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program
Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS
\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver
\1150\Intel 32\IDriverT.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Fichiers
communs\Network Associates\McShield\Mcshield.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program
Files\VeriSign\NAVI\naviagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -
C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:\Program Files\Spyware Doctor\swdsvc.exe

--
End of file - 12267 bytes

4 réponses

oéoé re

29/10/2007 à 22:42

a écrit dans le message de news:

Bonjour,

Je suis envahi par des pages publicitaires intempestives lorsque je
suis connecté : pour un ant-virus, des offres de prêts, de jeux de
casiono, etc. Je pense que des pgm importuns résident sur mon PC.
Ci joint le compte rendu de HiJackthis. Merci de me dire quoi faire et
comment éviter l'installation de ces pgm.
cordialement

Bonsoir,
analyse ici, faite par robot
www.hijackthis.de

ATTENTION avant de fixer (supprimer)

jav

30/10/2007 à 00:26

Bonjour,

ça ressemble à un pb de rootkit, non ?
va voir là:
http://www.avgfrance.com/doc/products-avg-anti-rootkit-free-edition/fr/crp/0
A+
jav

traminot

18/11/2007 à 17:52

je recois des clips publicitaires pornographique ainsi que des pages de site
porno et je n'arrive pas a m'en defaire,cela revient regulierement et cela
commence a bien faire .comment resoudre ce probleme?MERCI
--
traminot

Bonjour,

Je suis envahi par des pages publicitaires intempestives lorsque je
suis connecté : pour un ant-virus, des offres de prêts, de jeux de
casiono, etc. Je pense que des pgm importuns résident sur mon PC.
Ci joint le compte rendu de HiJackthis. Merci de me dire quoi faire et
comment éviter l'installation de ces pgm.
cordialement

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:06, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNetwork AssociatesVirusScanAvsynmgr.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:WINDOWSSystem32CTSvcCDA.exe
C:WINDOWSSystem32FTRTSVC.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:Program FilesMicrosoft SQL ServerMSSQLBinnsqlservr.exe
C:Program FilesVeriSignNAVInaviagent.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesSpyware Doctorsvcntaux.exe
C:PROGRA~1VeriSignNAVINAVICL~1.EXE
C:Program FilesNetwork AssociatesVirusScanVsStat.exe
C:WINDOWSExplorer.EXE
C:Program FilesSpyware Doctorswdsvc.exe
C:Program FilesNetwork AssociatesVirusScanWebscanx.exe
C:Program FilesNetwork AssociatesVirusScanAvconsol.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesSpyware DoctorSDTrayApp.exe
C:Program FilesMicrosoft IntelliType Protype32.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesScanSoftOmniPageSEopware32.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesMicrosoft IntelliPointpoint32.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesJavajre1.6.0_02binjusched.exe
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSAGEM WiFi managerWLANUTL.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSpyware Doctorupdate.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.2uid.info/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL > http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar > http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page > http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page > http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant
= http://2uid.info
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title > Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName
= Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
R3 - URLSearchHook: (no name) - {8A4E1972-8F42-4B50-AA71-29DCA9F336BC}
- (no file)
O1 - Hosts: 8.4.112.108 L2authd.lineage2.com
O1 - Hosts: 8.4.112.108 L2testauthd.lineage2.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-
B87D-784B7D6BE0B3} - C:Program FilesFichiers communsAdobeAcrobat
ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {1D09A743-00ED-4713-BCC4-32D590D1087A} - (no
file)
O2 - BHO: ECarteBleueBrowserHelper Class -
{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:WINDOWS
system32BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:
Program FilesJavajre1.6.0_02binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no
file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-
CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier
2.1.615.5858swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
(no file)
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O3 - Toolbar: (no name) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - (no
file)
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWS
System32NvCpl.dll,NvStartup
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideo
ISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideo
LogiTray.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [type32] "C:Program FilesMicrosoft IntelliType Pro
type32.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTime
qttask.exe" -atboottime
O4 - HKLM..Run: [Omnipage] C:Program FilesScanSoftOmniPageSE
opware32.exe
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWS
system32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [IntelliPoint] "C:Program FilesMicrosoft
IntelliPointpoint32.exe"
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [AtiPTA] atiptaxx.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJava
jre1.6.0_02binjusched.exe"
O4 - HKLM..Run: [UnlockerAssistant] "C:Program FilesUnlocker
UnlockerAssistant.exe"
O4 - HKLM..Run: [Ping upload extra road] C:Documents and Settings
All UsersApplication Databurn spam ping uploadFirst Face.exe
O4 - HKLM..Run: [SDTray] "C:Program FilesSpyware Doctor
SDTrayApp.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobe
Reader 8.0ReaderReader_sl.exe"
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitech
VideoManifestEngine.exe" boot
O4 - HKCU..Run: [WOOKIT] C:Program FilesWanadooShell.exe
appLaunchClientZone.shl|DEFAULT=cnx|PARAM > O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
= ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB
adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263}
- C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F}
- http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-
A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp
(file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-
d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnostic
xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} -
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
- C:Program FilesYahoo!Commonyinsthelper.dll
O16 - DPF: {536600D3-70FE-4C50-92FB-640F6BFC49AD} (TeeChart Pro
Activex control v6) - http://www.ffjudo.com/ffjdanew/extranet/teechart6.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown
Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan
Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games -
Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl
Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI
Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:Program Files
Fichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:Program
FilesNetwork AssociatesVirusScanAvsynmgr.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:WINDOWS
system32driversCDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:WINDOWSSystem32CTSvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:Program FilesFichiers communsInstallShieldDriver
1150Intel 32IDriverT.exe
O23 - Service: McShield - Unknown owner - C:Program FilesFichiers
communsNetwork AssociatesMcShieldMcshield.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:Program
FilesVeriSignNAVInaviagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -
C:Program FilesSpyware Doctorsvcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:Program FilesSpyware Doctorswdsvc.exe

--
End of file - 12267 bytes

Vous avez filtré cet utilisateur ! Consultez son message

Bonjour,

Je suis envahi par des pages publicitaires intempestives lorsque je
suis connecté : pour un ant-virus, des offres de prêts, de jeux de
casiono, etc. Je pense que des pgm importuns résident sur mon PC.
Ci joint le compte rendu de HiJackthis. Merci de me dire quoi faire et
comment éviter l'installation de ces pgm.
cordialement

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:06, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNetwork AssociatesVirusScanAvsynmgr.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:WINDOWSSystem32CTSvcCDA.exe
C:WINDOWSSystem32FTRTSVC.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:Program FilesMicrosoft SQL ServerMSSQLBinnsqlservr.exe
C:Program FilesVeriSignNAVInaviagent.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesSpyware Doctorsvcntaux.exe
C:PROGRA~1VeriSignNAVINAVICL~1.EXE
C:Program FilesNetwork AssociatesVirusScanVsStat.exe
C:WINDOWSExplorer.EXE
C:Program FilesSpyware Doctorswdsvc.exe
C:Program FilesNetwork AssociatesVirusScanWebscanx.exe
C:Program FilesNetwork AssociatesVirusScanAvconsol.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesSpyware DoctorSDTrayApp.exe
C:Program FilesMicrosoft IntelliType Protype32.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesScanSoftOmniPageSEopware32.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesMicrosoft IntelliPointpoint32.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesJavajre1.6.0_02binjusched.exe
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSAGEM WiFi managerWLANUTL.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSpyware Doctorupdate.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.2uid.info/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL > http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar > http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page > http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page > http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant
= http://2uid.info
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title > Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName
= Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
R3 - URLSearchHook: (no name) - {8A4E1972-8F42-4B50-AA71-29DCA9F336BC}
- (no file)
O1 - Hosts: 8.4.112.108 L2authd.lineage2.com
O1 - Hosts: 8.4.112.108 L2testauthd.lineage2.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-
B87D-784B7D6BE0B3} - C:Program FilesFichiers communsAdobeAcrobat
ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {1D09A743-00ED-4713-BCC4-32D590D1087A} - (no
file)
O2 - BHO: ECarteBleueBrowserHelper Class -
{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:WINDOWS
system32BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:
Program FilesJavajre1.6.0_02binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no
file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-
CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier
2.1.615.5858swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
(no file)
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O3 - Toolbar: (no name) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - (no
file)
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWS
System32NvCpl.dll,NvStartup
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideo
ISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideo
LogiTray.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [type32] "C:Program FilesMicrosoft IntelliType Pro
type32.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTime
qttask.exe" -atboottime
O4 - HKLM..Run: [Omnipage] C:Program FilesScanSoftOmniPageSE
opware32.exe
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWS
system32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [IntelliPoint] "C:Program FilesMicrosoft
IntelliPointpoint32.exe"
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [AtiPTA] atiptaxx.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJava
jre1.6.0_02binjusched.exe"
O4 - HKLM..Run: [UnlockerAssistant] "C:Program FilesUnlocker
UnlockerAssistant.exe"
O4 - HKLM..Run: [Ping upload extra road] C:Documents and Settings
All UsersApplication Databurn spam ping uploadFirst Face.exe
O4 - HKLM..Run: [SDTray] "C:Program FilesSpyware Doctor
SDTrayApp.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobe
Reader 8.0ReaderReader_sl.exe"
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitech
VideoManifestEngine.exe" boot
O4 - HKCU..Run: [WOOKIT] C:Program FilesWanadooShell.exe
appLaunchClientZone.shl|DEFAULT=cnx|PARAM > O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
= ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB
adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263}
- C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F}
- http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-
A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp
(file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-
d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnostic
xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} -
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
- C:Program FilesYahoo!Commonyinsthelper.dll
O16 - DPF: {536600D3-70FE-4C50-92FB-640F6BFC49AD} (TeeChart Pro
Activex control v6) - http://www.ffjudo.com/ffjdanew/extranet/teechart6.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown
Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan
Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games -
Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl
Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI
Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:Program Files
Fichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:Program
FilesNetwork AssociatesVirusScanAvsynmgr.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:WINDOWS
system32driversCDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:WINDOWSSystem32CTSvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:Program FilesFichiers communsInstallShieldDriver
1150Intel 32IDriverT.exe
O23 - Service: McShield - Unknown owner - C:Program FilesFichiers
communsNetwork AssociatesMcShieldMcshield.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:Program
FilesVeriSignNAVInaviagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -
C:Program FilesSpyware Doctorsvcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:Program FilesSpyware Doctorswdsvc.exe

--
End of file - 12267 bytes

chris

12/02/2008 à 13:17

bonjour,

Cela ma donner le meme parcourt quand j'ai mis C:Program FilesSpyware
Doctorsvcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:Program FilesSpyware Doctorswdsvc.exe

Plutot enlever ce sofware et faite tres attention quand vous utilser votre
anti-virus, il y a surment un conflit entre eux, surtout sur XP machine

"traminot" wrote:

je recois des clips publicitaires pornographique ainsi que des pages de site
porno et je n'arrive pas a m'en defaire,cela revient regulierement et cela
commence a bien faire .comment resoudre ce probleme?MERCI
--
traminot

Bonjour,

Je suis envahi par des pages publicitaires intempestives lorsque je
suis connecté : pour un ant-virus, des offres de prêts, de jeux de
casiono, etc. Je pense que des pgm importuns résident sur mon PC.
Ci joint le compte rendu de HiJackthis. Merci de me dire quoi faire et
comment éviter l'installation de ces pgm.
cordialement

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:06, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNetwork AssociatesVirusScanAvsynmgr.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:WINDOWSSystem32CTSvcCDA.exe
C:WINDOWSSystem32FTRTSVC.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:Program FilesMicrosoft SQL ServerMSSQLBinnsqlservr.exe
C:Program FilesVeriSignNAVInaviagent.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesSpyware Doctorsvcntaux.exe
C:PROGRA~1VeriSignNAVINAVICL~1.EXE
C:Program FilesNetwork AssociatesVirusScanVsStat.exe
C:WINDOWSExplorer.EXE
C:Program FilesSpyware Doctorswdsvc.exe
C:Program FilesNetwork AssociatesVirusScanWebscanx.exe
C:Program FilesNetwork AssociatesVirusScanAvconsol.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesSpyware DoctorSDTrayApp.exe
C:Program FilesMicrosoft IntelliType Protype32.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesScanSoftOmniPageSEopware32.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesMicrosoft IntelliPointpoint32.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesJavajre1.6.0_02binjusched.exe
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSAGEM WiFi managerWLANUTL.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSpyware Doctorupdate.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > > http://www.2uid.info/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL > > http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar > > http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page > > http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page > > http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant
= http://2uid.info
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title > > Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName
= Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
R3 - URLSearchHook: (no name) - {8A4E1972-8F42-4B50-AA71-29DCA9F336BC}
- (no file)
O1 - Hosts: 8.4.112.108 L2authd.lineage2.com
O1 - Hosts: 8.4.112.108 L2testauthd.lineage2.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-
B87D-784B7D6BE0B3} - C:Program FilesFichiers communsAdobeAcrobat
ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {1D09A743-00ED-4713-BCC4-32D590D1087A} - (no
file)
O2 - BHO: ECarteBleueBrowserHelper Class -
{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:WINDOWS
system32BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:
Program FilesJavajre1.6.0_02binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no
file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-
CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier
2.1.615.5858swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
(no file)
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O3 - Toolbar: (no name) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - (no
file)
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWS
System32NvCpl.dll,NvStartup
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideo
ISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideo
LogiTray.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [type32] "C:Program FilesMicrosoft IntelliType Pro
type32.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTime
qttask.exe" -atboottime
O4 - HKLM..Run: [Omnipage] C:Program FilesScanSoftOmniPageSE
opware32.exe
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWS
system32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [IntelliPoint] "C:Program FilesMicrosoft
IntelliPointpoint32.exe"
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [AtiPTA] atiptaxx.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJava
jre1.6.0_02binjusched.exe"
O4 - HKLM..Run: [UnlockerAssistant] "C:Program FilesUnlocker
UnlockerAssistant.exe"
O4 - HKLM..Run: [Ping upload extra road] C:Documents and Settings
All UsersApplication Databurn spam ping uploadFirst Face.exe
O4 - HKLM..Run: [SDTray] "C:Program FilesSpyware Doctor
SDTrayApp.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobe
Reader 8.0ReaderReader_sl.exe"
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitech
VideoManifestEngine.exe" boot
O4 - HKCU..Run: [WOOKIT] C:Program FilesWanadooShell.exe
appLaunchClientZone.shl|DEFAULT=cnx|PARAM > > O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
= ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB
adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263}
- C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F}
- http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-
A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp
(file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-
d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnostic
xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} -
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
- C:Program FilesYahoo!Commonyinsthelper.dll
O16 - DPF: {536600D3-70FE-4C50-92FB-640F6BFC49AD} (TeeChart Pro
Activex control v6) - http://www.ffjudo.com/ffjdanew/extranet/teechart6.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown
Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan
Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games -
Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl
Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI
Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:Program Files
Fichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:Program
FilesNetwork AssociatesVirusScanAvsynmgr.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:WINDOWS
system32driversCDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:WINDOWSSystem32CTSvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:Program FilesFichiers communsInstallShieldDriver
1150Intel 32IDriverT.exe
O23 - Service: McShield - Unknown owner - C:Program FilesFichiers
communsNetwork AssociatesMcShieldMcshield.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:Program
FilesVeriSignNAVInaviagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -
C:Program FilesSpyware Doctorsvcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:Program FilesSpyware Doctorswdsvc.exe

--
End of file - 12267 bytes

Vous avez filtré cet utilisateur ! Consultez son message

je recois des clips publicitaires pornographique ainsi que des pages de site
porno et je n'arrive pas a m'en defaire,cela revient regulierement et cela
commence a bien faire .comment resoudre ce probleme?MERCI
--
traminot

Bonjour,

Je suis envahi par des pages publicitaires intempestives lorsque je
suis connecté : pour un ant-virus, des offres de prêts, de jeux de
casiono, etc. Je pense que des pgm importuns résident sur mon PC.
Ci joint le compte rendu de HiJackthis. Merci de me dire quoi faire et
comment éviter l'installation de ces pgm.
cordialement

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:06, on 29/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNetwork AssociatesVirusScanAvsynmgr.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
C:WINDOWSSystem32CTSvcCDA.exe
C:WINDOWSSystem32FTRTSVC.exe
C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
C:Program FilesMicrosoft SQL ServerMSSQLBinnsqlservr.exe
C:Program FilesVeriSignNAVInaviagent.exe
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesSpyware Doctorsvcntaux.exe
C:PROGRA~1VeriSignNAVINAVICL~1.EXE
C:Program FilesNetwork AssociatesVirusScanVsStat.exe
C:WINDOWSExplorer.EXE
C:Program FilesSpyware Doctorswdsvc.exe
C:Program FilesNetwork AssociatesVirusScanWebscanx.exe
C:Program FilesNetwork AssociatesVirusScanAvconsol.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesSpyware DoctorSDTrayApp.exe
C:Program FilesMicrosoft IntelliType Protype32.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesScanSoftOmniPageSEopware32.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesMicrosoft IntelliPointpoint32.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesJavajre1.6.0_02binjusched.exe
C:Program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSAGEM WiFi managerWLANUTL.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSpyware Doctorupdate.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSSystem32wbemwmiprvse.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > > http://www.2uid.info/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL > > http://go.microsoft.com/fwlink/?LinkIdi157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkIdT896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar > > http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page > > http://go.microsoft.com/fwlink/?LinkIdT896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page > > http://go.microsoft.com/fwlink/?LinkIdi157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant
= http://2uid.info
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title > > Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName
= Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
R3 - URLSearchHook: (no name) - {8A4E1972-8F42-4B50-AA71-29DCA9F336BC}
- (no file)
O1 - Hosts: 8.4.112.108 L2authd.lineage2.com
O1 - Hosts: 8.4.112.108 L2testauthd.lineage2.com
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-
B87D-784B7D6BE0B3} - C:Program FilesFichiers communsAdobeAcrobat
ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {1D09A743-00ED-4713-BCC4-32D590D1087A} - (no
file)
O2 - BHO: ECarteBleueBrowserHelper Class -
{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:WINDOWS
system32BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:
Program FilesJavajre1.6.0_02binssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no
file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-
CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier
2.1.615.5858swg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
(no file)
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O3 - Toolbar: (no name) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - (no
file)
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWS
System32NvCpl.dll,NvStartup
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideo
ISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideo
LogiTray.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 - HKLM..Run: [type32] "C:Program FilesMicrosoft IntelliType Pro
type32.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTime
qttask.exe" -atboottime
O4 - HKLM..Run: [Omnipage] C:Program FilesScanSoftOmniPageSE
opware32.exe
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWS
system32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [IntelliPoint] "C:Program FilesMicrosoft
IntelliPointpoint32.exe"
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [AtiPTA] atiptaxx.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJava
jre1.6.0_02binjusched.exe"
O4 - HKLM..Run: [UnlockerAssistant] "C:Program FilesUnlocker
UnlockerAssistant.exe"
O4 - HKLM..Run: [Ping upload extra road] C:Documents and Settings
All UsersApplication Databurn spam ping uploadFirst Face.exe
O4 - HKLM..Run: [SDTray] "C:Program FilesSpyware Doctor
SDTrayApp.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobe
Reader 8.0ReaderReader_sl.exe"
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitech
VideoManifestEngine.exe" boot
O4 - HKCU..Run: [WOOKIT] C:Program FilesWanadooShell.exe
appLaunchClientZone.shl|DEFAULT=cnx|PARAM > > O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SERVICE RÉSEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE
(User 'Default user')
O4 - Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk
= ?
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB
adapter.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-
AAA5-00401C608501} - C:Program FilesJavajre1.6.0_02binssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263}
- C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F}
- http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-
A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp
(file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F}
- C:Program FilesVeriSigni-Navi-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-
A58C-4441-8938-744CD72AB27F} - C:Program FilesVeriSigni-Navi-
nav_4_2_0.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-
d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnostic
xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM
ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} -
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags
Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class)
- C:Program FilesYahoo!Commonyinsthelper.dll
O16 - DPF: {536600D3-70FE-4C50-92FB-640F6BFC49AD} (TeeChart Pro
Activex control v6) - http://www.ffjudo.com/ffjdanew/extranet/teechart6.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown
Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D}
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan
Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games -
Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl
Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI
Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:Program Files
Fichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:Program
FilesNetwork AssociatesVirusScanAvsynmgr.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:WINDOWS
system32driversCDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:WINDOWSSystem32CTSvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program
FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:Program FilesFichiers communsInstallShieldDriver
1150Intel 32IDriverT.exe
O23 - Service: McShield - Unknown owner - C:Program FilesFichiers
communsNetwork AssociatesMcShieldMcshield.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:Program
FilesVeriSignNAVInaviagent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools -
C:Program FilesSpyware Doctorsvcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools -
C:Program FilesSpyware Doctorswdsvc.exe

--
End of file - 12267 bytes

Affichage sauvage pages publicitaires

4 réponses

Veuillez sélectionner un problème