
Ports: once again...

veroniqueduhaut
Hi everyone,
A little HijackThis log...
Thanks for your comments and remarks.

Véro

PS: No peeking under my skirts!

Logfile of HijackThis v1.98.0
Scan saved at 14:55:32, on 09/07/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\mgabg.exe
C:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\PDesk\PDesk.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\NsUpdate.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Panicware\Pop-Up Stopper\dpps2.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\eDonkey2000\eDonkey2000.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Microsoft Office\Office\1036\OLFSNT40.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AOL 7.0c\waol.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Documents and Settings\duhaut\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.voila.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://search.yahoo.com/search?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CN
etscape_France.src"); (C:\Documents and Settings\duhaut\Application
Data\Mozilla\Profiles\default\odpk555l.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
C:\WINDOWS\Downloaded Program Files\ycomp5_1_6_0.dll
O2 - BHO: vlynlgvowvbyupcysiit - {4360beac-b9d8-4a13-9623-5d326819b4e5} -
C:\DOCUME~1\duhaut\APPLIC~1\thkoareocr.dll
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:\PROGRA~1\FICHIE~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
C:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Compagnon - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\WINDOWS\Downloaded Program Files\ycomp5_1_6_0.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:\PROGRA~1\FICHIE~1\Real\Toolbar\realbar.dll
O3 - Toolbar: ibrbrschxox - {a487bc2b-7b5c-4461-ad01-179c8f4dbce4} -
C:\DOCUME~1\duhaut\APPLIC~1\thkoareocr.dll
O3 - Toolbar: (no name) - {224530A0-C9CB-4AEE-9C0F-54AC1B533211} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDesk.exe
/Autolaunch
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program
Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers
communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator
5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\Program Files\Panicware\Pop-Up
Stopper\dpps2.exe"
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [Device Detector] "C:\Program Files\Fichiers communs\ACD
Systems\FR\DevDetect.exe" -autorun
O4 - HKLM\..\Run: [eDonkey2000] C:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers
communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Kaspersky Lab\Kaspersky
Anti-Virus Personal\kav.exe /minimize
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program
Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - Startup: LastChance.lnk = C:\Documents and Settings\duhaut\Mes
documents\lastchance.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers
communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Icône AOL.lnk = C:\Program Files\AOL 7.0c\aoltray.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program
Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program
Files\Microsoft Office\Office\1036\OLFSNT40.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers
communs\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet -
C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger en utilisant FlashGet -
C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no
file)
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program
Files\AIM95\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no
file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3}
- C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} -
C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher -
{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers
communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) -
http://api.ehmel.hachette-multimedia.fr/ehm/includes/js/tdserver.cab
O16 - DPF: {2ABE804B-4D3A-41BF-A172-304627874B45} -
http://akamai.downloadv3.com/binaries/DialHTML/EGDHTML_XP.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} -
http://akamai.downloadv3.com/binaries/IA/ia_XP.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
http://aol.metaboli.fr/components/ExentCtl.ocx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/hou
secall/xscan53.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) -
http://go.securelive.com/speed/WebInstall.dll
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://www.axis.com/products/camera_servers/AxisCamControl.ocx
O16 - DPF: {946B0485-8F8C-4C35-A6E7-D2115E3B0B4F} (HTMLAccess Class) -
http://usa-download.video-party.com/download/Object/DialerHTML/DHTMLAccess
XP1043.cab
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} -
http://www.portailsexy.com/connection/PortailSexy_adsl.exe
O16 - DPF: {D1B80EBF-1A26-4FEC-B0B9-DCB934C6507E} (Loader Class) -
http://dialup.carpediem.fr/CABS/1,0,3,8/fr/AccesMembre.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Compagnon) -
http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6
_0.cab
O16 - DPF: {F48EAB92-8BCE-4C77-BE98-D10060BD8590} (SpyBouncer.SBDownloader) -
http://www.spybouncer.com/downloader/downloader.ocx
O16 - DPF: {FB5847A7-C125-4A35-8903-38E7FE26F67F} (UrlExecute) -
http://sexy-hardcore.de/ocx/UrlExecute.ocx
O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client)
- http://ccon.madonion.com/global/msc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C3645C7-7744-495F-A630-A2C287318EF1}:
NameServer = 205.188.146.146

Jeuf
"Veroniqueduhaut" lifted her skirts...
> Thanks for your comments and remarks.


Very nice view :-)

> PS: No peeking under my skirts!


Too late! I saw:
A Matrox card, a Microsoft mouse, a graphics tablet,
a burner (er... a DVD burner, I suppose)
an Alcatel ADSL modem, an HP printer,
a Logitech webcam,
A Kaspersky antivirus, an AOL subscription,
a PDesk virtual desktop,
a pop-up filter, an ACDSee viewer,
probably Photoshop
and, you naughty girl, an eDonkey running
and an Alcohol120%.
Not to mention FlashGet... Not good, all that :-)))

Joking aside, I don't think I saw any virus at all.
But there are things that are certainly slowing your machine down:
The many toolbars (SpyBot has no complaints? Try ad-aware at
http://www.ad-aware.com)
Is RealBar really indispensable? Same for
Matrox PowerDesk or HP's Share-to-web (only useful if you share your
printer on the web)

The presence of three browsers: IExplorer, AOL and Netscape.
Things you would do better to get rid of if you don't use them (such as
DirectCD, very resource-hungry)
or ACDSee's DevDetector (Device Detector)
Likewise, LastChance really isn't indispensable under XP.

...Don't hesitate to ruthlessly delete the offending Run key, for example:
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers
communs\Real\Update_OB\realsched.exe" -osboot
(which only serves to check for new versions of realplayer)


To delete that, the simplest way is to launch the registry editor
(Start/Run button, type REGEDIT [Enter])
then do a search (Edit/Find menu) for
update_ob\realsched.exe
for example.
When you find it, you get rid of it (Delete key).

Kisses

---------------------
JFV - Rather from below
---------------------

(I know: bad pun. Sorry)



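Added example, not part of either post and not HijackThis's own code: a small parser that rejoins the wrapped lines of a log like the one above, extracts the Run value names the reply talks about deleting, and lists entries for manual review under four simple heuristics. The function names, the heuristic labels and the line-joining rule are assumptions made for this example; the sample is built from lines of the log in this thread.

```python
import re

# Constructed sample: entries copied from the log in this thread, wrapped as posted.
SAMPLE_LOG = r"""Logfile of HijackThis v1.98.0
Running processes:
C:\WINDOWS\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.voila.fr/
O2 - BHO: vlynlgvowvbyupcysiit - {4360beac-b9d8-4a13-9623-5d326819b4e5} -
C:\DOCUME~1\duhaut\APPLIC~1\thkoareocr.dll
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} -
C:\PROGRA~1\FICHIE~1\Real\Toolbar\realbar.dll
O3 - Toolbar: (no name) - {224530A0-C9CB-4AEE-9C0F-54AC1B533211} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers
communs\Real\Update_OB\realsched.exe" -osboot
O16 - DPF: {2ABE804B-4D3A-41BF-A172-304627874B45} -
http://akamai.downloadv3.com/binaries/DialHTML/EGDHTML_XP.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/hou
secall/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C3645C7-7744-495F-A630-A2C287318EF1}:
NameServer = 205.188.146.146
"""

ENTRY_START = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")
RUN = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\Run: \[(.+?)\] (.+)$")
USER_PROFILE = re.compile(r"\\(DOCUME~1|Documents and Settings)\\", re.I)

def join_entries(text):
    """Rejoin wrapped lines into (section, full_text) tuples."""
    entries, prev = [], ""
    for line in text.splitlines():
        line = line.strip()
        m = ENTRY_START.match(line)
        if m:
            entries.append([m.group(1), line])
        elif line and entries and prev:
            # Assumption: a previous line without whitespace was cut mid-token
            # (a long URL), so glue directly; otherwise the wrap was at a space.
            entries[-1][1] += ("" if not re.search(r"\s", prev) else " ") + line
        prev = line
    return [tuple(e) for e in entries]

def run_values(entries):
    """(hive, value name, command) for each O4 Run entry."""
    return [RUN.match(t).groups() for s, t in entries if s == "O4" and RUN.match(t)]

def review_notes(entries):
    """Entries worth a manual look; a label is a prompt to check, not a verdict."""
    notes = []
    for section, text in entries:
        if "(no file)" in text:
            notes.append((section, "orphan", text))            # registry entry, file gone
        elif section in ("O2", "O3") and USER_PROFILE.search(text):
            notes.append((section, "profile-module", text))    # IE add-on under a user profile
        elif section == "O16" and re.search(r"DPF: \{[^}]+\} - ", text):
            notes.append((section, "unnamed-dpf", text))       # ActiveX download, no class name
        elif section == "O17":
            notes.append((section, "static-nameserver", text)) # hard-coded DNS server
    return notes

if __name__ == "__main__":
    parsed = join_entries(SAMPLE_LOG)
    for hive, name, cmd in run_values(parsed):
        print(f"Run value: {hive} [{name}] -> {cmd}")
    for section, kind, text in review_notes(parsed):
        print(f"{kind:18} {text}")
```

The name in square brackets is the registry value name under ...\Microsoft\Windows\CurrentVersion\Run in the listed hive, so it can be located directly instead of through a full-registry search.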