Restriction

WikiPierre

04/09/2005 à 17:32

Bonjour,
Je pense que tu as été victime d'un Spyware.

Le changement de page de démarrage est typique des Spyware.

Il vaudrais que tu scanne ton ordinateur avec les logiciels Suivant :
- Ad-Aware
- Spybot S&D
- Microsoft Anti-Spyware

Avec le scann de ton Ordinateur avec ces trois logiciels devrait régler ton
problème.
--

Reviens nous dire si cela a marcher.
@++

------------------------------------------------------------------
Pierre
http://wikims.free.fr/phpBB2/index.php - http://wikims.free.fr/blog/ -
http://communautes-ms.akro-net.org - http://wikims.free.fr

"isabelle" a écrit dans le message de
news:

Bonjour j'ai un petit problème avec Internet explorer je ne peux accéder
mes
option internet car j'ai une restriction (comment cela a t'il été activer
aucune idée) de plus ma page de démarrage a été changer sans que je sois
consulter se n'est plus google...
SVP je ne connait pas beaucoup les ordi j'ai besoin d'aide
--
merci
Isa

isabelle

05/09/2005 à 01:31

Bonjour`j'ai downloader microsoft anti - Spyware et tout va bien j'ai reussi
a retrouver ma page.

De plus je ne connait pas cela du tout mais j'avais 10 (infected file)

le seule problème est que si j'essaye d'aller dans mes option internet j'ai
encore une restriction...
merci Pierre... et a l'aide encore un fois
--
merci
Isa

"WikiPierre" wrote:

Bonjour,
Je pense que tu as été victime d'un Spyware.

Le changement de page de démarrage est typique des Spyware.

Il vaudrais que tu scanne ton ordinateur avec les logiciels Suivant :
- Ad-Aware
- Spybot S&D
- Microsoft Anti-Spyware

Avec le scann de ton Ordinateur avec ces trois logiciels devrait régler ton
problème.
--

Reviens nous dire si cela a marcher.
@++

------------------------------------------------------------------
Pierre
http://wikims.free.fr/phpBB2/index.php - http://wikims.free.fr/blog/ -
http://communautes-ms.akro-net.org - http://wikims.free.fr

"isabelle" a écrit dans le message de
news:
Bonjour j'ai un petit problème avec Internet explorer je ne peux accéder
mes
option internet car j'ai une restriction (comment cela a t'il été activer
aucune idée) de plus ma page de démarrage a été changer sans que je sois
consulter se n'est plus google...
SVP je ne connait pas beaucoup les ordi j'ai besoin d'aide
--
merci
Isa

isabelle

05/09/2005 à 21:47

Ok plus rien ne va... anti spyware me donne un message d,erreur je ne peut
plus le mettre en marche donc j'ai downloader autre spyware cela a marche
pour le premier scan et après encore retour a page internet changer et de
plus plein d'icone sont apparue sur mon desktop...site porno et tout le
tralala la...
je ne sais plus quoi faire... Aider moi
--
merci
Isa

"isabelle" wrote:

Bonjour`j'ai downloader microsoft anti - Spyware et tout va bien j'ai reussi
a retrouver ma page.

De plus je ne connait pas cela du tout mais j'avais 10 (infected file)

le seule problème est que si j'essaye d'aller dans mes option internet j'ai
encore une restriction...
merci Pierre... et a l'aide encore un fois
--
merci
Isa

"WikiPierre" wrote:

Bonjour,
Je pense que tu as été victime d'un Spyware.

Le changement de page de démarrage est typique des Spyware.

Il vaudrais que tu scanne ton ordinateur avec les logiciels Suivant :
- Ad-Aware
- Spybot S&D
- Microsoft Anti-Spyware

Avec le scann de ton Ordinateur avec ces trois logiciels devrait régler ton
problème.
--

Reviens nous dire si cela a marcher.
@++

------------------------------------------------------------------
Pierre
http://wikims.free.fr/phpBB2/index.php - http://wikims.free.fr/blog/ -
http://communautes-ms.akro-net.org - http://wikims.free.fr

"isabelle" a écrit dans le message de
news:
Bonjour j'ai un petit problème avec Internet explorer je ne peux accéder
mes
option internet car j'ai une restriction (comment cela a t'il été activer
aucune idée) de plus ma page de démarrage a été changer sans que je sois
consulter se n'est plus google...
SVP je ne connait pas beaucoup les ordi j'ai besoin d'aide
--
merci
Isa

MAC GYVER

06/09/2005 à 10:25

"isabelle" a écrit dans le message
news:

Ok plus rien ne va... anti spyware me donne un message d,erreur je ne peut
plus le mettre en marche donc j'ai downloader autre spyware cela a marche
pour le premier scan et après encore retour a page internet changer et de
plus plein d'icone sont apparue sur mon desktop...site porno et tout le
tralala la...
je ne sais plus quoi faire... Aider moi
--
merci
Isa

Essais hijackthis :

http://aikido.perso.cegetel.net/h_fichiers/Informatique.htm

Car c probablement un malware qui engendre ton PB... tu doit avoir des lien
qui se lancent depuis la bdr etc...
Tu peux ensuite afficher le rapport ici pour qu'on te dise quoi virrer.

a+

isabelle

07/09/2005 à 02:11

Voici mon log file MAC GYVER:

Ad-Aware SE Build 1.05
Logfile Created on:6 septembre 2005 18:00:27
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):9 total references
Redirected hostfile entry(TAC index:4):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
========================== Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
========================== Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

2005-09-06 18:00:27 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]

#:2 [csrss.exe]

#:3 [winlogon.exe]

#:4 [services.exe]

#:5 [lsass.exe]

#:6 [svchost.exe]

#:7 [svchost.exe]

#:8 [svchost.exe]

#:9 [svchost.exe]

#:10 [svchost.exe]

#:11 [ccsetmgr.exe]

#:12 [ccevtmgr.exe]

#:13 [explorer.exe]

#:14 [spoolsv.exe]

#:15 [hpsysdrv.exe]

#:16 [hkcmd.exe]

#:17 [kbd.exe]

#:18 [hpqcmon.exe]

#:19 [hpgs2wnd.exe]

#:20 [wkufind.exe]

#:21 [hpwuschd.exe]

#:22 [hpztsb09.exe]

#:23 [mshta.exe]

#:24 [hpgs2wnf.exe]

#:25 [ccapp.exe]

#:26 [windowssearch.exe]

#:27 [windowssearchindexer.exe]

#:28 [navapsvc.exe]

#:29 [savscan.exe]

#:30 [snmp.exe]

#:31 [symlcsvc.exe]

#:32 [wdfmgr.exe]

#:33 [alg.exe]

#:34 [update32.exe]

#:35 [msnmsgr.exe]

#:36 [f3setup1.exe]

#:37 [update32.exe]

#:38 [update32.exe]

#:39 [f3setup1.exe]

#:40 [update32.exe]

#:41 [f3setup1.exe]

#:42 [msn6.exe]

#:43 [ad-aware.exe]

#:44 [update32.exe]

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:WINDOWSsystem32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:DOCUME~1PROPRI~1LOCALS~1Temp
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Scanning Hosts file......
Hosts file location:"C:WINDOWSsystem32driversetchosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Warning!
Bad Hosts file entry:70.85.234.26:www.lavasoftusa.com

Redirected hostfile entry Object Recognized!
Type : Hosts file
Data : 70.85.234.26
Bad Hostfile entry : 70.85.234.26:www.lavasoftusa.com

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
14143 entries scanned.
New critical objects:1
Objects found so far: 1

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 10

18:04:39 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:12.281
Objects scanned:87801
Objects identified:1
Objects ignored:0
New critical objects:1

--
merci
Isa

"MAC GYVER" wrote:

"isabelle" a écrit dans le message
news:
Ok plus rien ne va... anti spyware me donne un message d,erreur je ne peut
plus le mettre en marche donc j'ai downloader autre spyware cela a marche
pour le premier scan et après encore retour a page internet changer et de
plus plein d'icone sont apparue sur mon desktop...site porno et tout le
tralala la...
je ne sais plus quoi faire... Aider moi
--
merci
Isa

Essais hijackthis :

http://aikido.perso.cegetel.net/h_fichiers/Informatique.htm

Car c probablement un malware qui engendre ton PB... tu doit avoir des lien
qui se lancent depuis la bdr etc...
Tu peux ensuite afficher le rapport ici pour qu'on te dise quoi virrer.

a+

Voici mon log file MAC GYVER:

Ad-Aware SE Build 1.05
Logfile Created on:6 septembre 2005 18:00:27
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):9 total references
Redirected hostfile entry(TAC index:4):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
========================== Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
========================== Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

2005-09-06 18:00:27 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]

#:2 [csrss.exe]

#:3 [winlogon.exe]

#:4 [services.exe]

#:5 [lsass.exe]

#:6 [svchost.exe]

#:7 [svchost.exe]

#:8 [svchost.exe]

#:9 [svchost.exe]

#:10 [svchost.exe]

#:11 [ccsetmgr.exe]

#:12 [ccevtmgr.exe]

#:13 [explorer.exe]

#:14 [spoolsv.exe]

#:15 [hpsysdrv.exe]

#:16 [hkcmd.exe]

#:17 [kbd.exe]

#:18 [hpqcmon.exe]

#:19 [hpgs2wnd.exe]

#:20 [wkufind.exe]

#:21 [hpwuschd.exe]

#:22 [hpztsb09.exe]

#:23 [mshta.exe]

#:24 [hpgs2wnf.exe]

#:25 [ccapp.exe]

#:26 [windowssearch.exe]

#:27 [windowssearchindexer.exe]

#:28 [navapsvc.exe]

#:29 [savscan.exe]

#:30 [snmp.exe]

#:31 [symlcsvc.exe]

#:32 [wdfmgr.exe]

#:33 [alg.exe]

#:34 [update32.exe]

#:35 [msnmsgr.exe]

#:36 [f3setup1.exe]

#:37 [update32.exe]

#:38 [update32.exe]

#:39 [f3setup1.exe]

#:40 [update32.exe]

#:41 [f3setup1.exe]

#:42 [msn6.exe]

#:43 [ad-aware.exe]

#:44 [update32.exe]

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:WINDOWSsystem32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:DOCUME~1PROPRI~1LOCALS~1Temp
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Scanning Hosts file......
Hosts file location:"C:WINDOWSsystem32driversetchosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Warning!
Bad Hosts file entry:70.85.234.26:www.lavasoftusa.com

Redirected hostfile entry Object Recognized!
Type : Hosts file
Data : 70.85.234.26
Bad Hostfile entry : 70.85.234.26:www.lavasoftusa.com

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
14143 entries scanned.
New critical objects:1
Objects found so far: 1

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 10

18:04:39 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:12.281
Objects scanned:87801
Objects identified:1
Objects ignored:0
New critical objects:1

--
merci
Isa

"MAC GYVER" wrote:

"isabelle" <isabelle@discussions.microsoft.com> a écrit dans le message
news: 5317B892-886E-4ED5-9786-F2941195BE58@microsoft.com...

Ok plus rien ne va... anti spyware me donne un message d,erreur je ne peut
plus le mettre en marche donc j'ai downloader autre spyware cela a marche
pour le premier scan et après encore retour a page internet changer et de
plus plein d'icone sont apparue sur mon desktop...site porno et tout le
tralala la...
je ne sais plus quoi faire... Aider moi
--
merci
Isa

Essais hijackthis :

http://aikido.perso.cegetel.net/h_fichiers/Informatique.htm

Car c probablement un malware qui engendre ton PB... tu doit avoir des lien
qui se lancent depuis la bdr etc...
Tu peux ensuite afficher le rapport ici pour qu'on te dise quoi virrer.

a+

Vous avez filtré cet utilisateur ! Consultez son message

Voici mon log file MAC GYVER:

Ad-Aware SE Build 1.05
Logfile Created on:6 septembre 2005 18:00:27
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):9 total references
Redirected hostfile entry(TAC index:4):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
========================== Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
========================== Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

2005-09-06 18:00:27 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]

#:2 [csrss.exe]

#:3 [winlogon.exe]

#:4 [services.exe]

#:5 [lsass.exe]

#:6 [svchost.exe]

#:7 [svchost.exe]

#:8 [svchost.exe]

#:9 [svchost.exe]

#:10 [svchost.exe]

#:11 [ccsetmgr.exe]

#:12 [ccevtmgr.exe]

#:13 [explorer.exe]

#:14 [spoolsv.exe]

#:15 [hpsysdrv.exe]

#:16 [hkcmd.exe]

#:17 [kbd.exe]

#:18 [hpqcmon.exe]

#:19 [hpgs2wnd.exe]

#:20 [wkufind.exe]

#:21 [hpwuschd.exe]

#:22 [hpztsb09.exe]

#:23 [mshta.exe]

#:24 [hpgs2wnf.exe]

#:25 [ccapp.exe]

#:26 [windowssearch.exe]

#:27 [windowssearchindexer.exe]

#:28 [navapsvc.exe]

#:29 [savscan.exe]

#:30 [snmp.exe]

#:31 [symlcsvc.exe]

#:32 [wdfmgr.exe]

#:33 [alg.exe]

#:34 [update32.exe]

#:35 [msnmsgr.exe]

#:36 [f3setup1.exe]

#:37 [update32.exe]

#:38 [update32.exe]

#:39 [f3setup1.exe]

#:40 [update32.exe]

#:41 [f3setup1.exe]

#:42 [msn6.exe]

#:43 [ad-aware.exe]

#:44 [update32.exe]

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:WINDOWSsystem32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Disk Scan Result for C:DOCUME~1PROPRI~1LOCALS~1Temp
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Scanning Hosts file......
Hosts file location:"C:WINDOWSsystem32driversetchosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Warning!
Bad Hosts file entry:70.85.234.26:www.lavasoftusa.com

Redirected hostfile entry Object Recognized!
Type : Hosts file
Data : 70.85.234.26
Bad Hostfile entry : 70.85.234.26:www.lavasoftusa.com

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
14143 entries scanned.
New critical objects:1
Objects found so far: 1

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 10

18:04:39 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:12.281
Objects scanned:87801
Objects identified:1
Objects ignored:0
New critical objects:1

--
merci
Isa

"MAC GYVER" wrote:

"isabelle" a écrit dans le message
news:
Ok plus rien ne va... anti spyware me donne un message d,erreur je ne peut
plus le mettre en marche donc j'ai downloader autre spyware cela a marche
pour le premier scan et après encore retour a page internet changer et de
plus plein d'icone sont apparue sur mon desktop...site porno et tout le
tralala la...
je ne sais plus quoi faire... Aider moi
--
merci
Isa

Essais hijackthis :

http://aikido.perso.cegetel.net/h_fichiers/Informatique.htm

Car c probablement un malware qui engendre ton PB... tu doit avoir des lien
qui se lancent depuis la bdr etc...
Tu peux ensuite afficher le rapport ici pour qu'on te dise quoi virrer.

a+

MAC GYVER

07/09/2005 à 10:42

"isabelle" a écrit dans le message
news:

Voici mon log file MAC GYVER:

Ad-Aware SE Build 1.05

J'aurais besoins du log de hijackthis

Tsilefy

07/09/2005 à 20:38

Dans le message news:,
MAC GYVER a écrit:

"isabelle" a écrit dans le
message news:
Voici mon log file MAC GYVER:

Ad-Aware SE Build 1.05

J'aurais besoins du log de hijackthis

Tout à fait ! je mets juste mon grain de sel (je ne fais que passer :-) :
ce scan d'ad aware montre que www.lavasoftusa.com est mis dans le fichier
hosts et apparemment détourné ! Ce qui démontre qu' une sale bestiole est
passé par là. En plus, la liste des running processes contient quelques
entrées louches.
--
Tsilefy

isabelle

09/09/2005 à 01:29

Bon Ok comment je fais pour saver log de hijackthis et le copier ici
--
merci
Isa

"Tsilefy" wrote:

Dans le message news:,
MAC GYVER a écrit:
"isabelle" a écrit dans le
message news:
Voici mon log file MAC GYVER:

Ad-Aware SE Build 1.05

J'aurais besoins du log de hijackthis

Tout à fait ! je mets juste mon grain de sel (je ne fais que passer :-) :
ce scan d'ad aware montre que www.lavasoftusa.com est mis dans le fichier
hosts et apparemment détourné ! Ce qui démontre qu' une sale bestiole est
passé par là. En plus, la liste des running processes contient quelques
entrées louches.
--
Tsilefy

MAC GYVER

09/09/2005 à 09:19

"isabelle" a écrit dans le message
news:

Bon Ok comment je fais pour saver log de hijackthis et le copier ici
--
merci
Isa

Clic sur Hijackthis puis "do a system scan et do a log file" puis
sélectionnes ds hijackthis.log tout à partir de "Running processes:" avec le
clic gauche de la souris en maintenant cliqué jusqu'en bas de sorte de tout
selectioner puis fais "ctrl + c" puis "ctrl + v" ici de sorte d'avoir
quelque chose du genre :

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
E:LOGITECHSYSTEMEM_EXEC.EXE
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
E:WINAMP3WINAMP3.EXE
C:WINDOWSSYSTEMDDHELP.EXE
E:HIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar http://www.google.fr/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName Liens
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFGIEBAR.DLL
O3 - Toolbar: @msdxmLC.dll,,&Radio -
{8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [EM_EXEC] e:LOGITECHSYSTEMEM_EXEC.EXE
O4 - HKLM..RunServices: [ADSLAutoconnect] C:PROGRAM FILESADSL
AUTOCONNECTADSL AUTOCONNECT.EXE -z
O4 - HKCU..Run: [SkwatAutoconnect] C:PROGRAM FILESADSL AUTOCONNECTADSL
AUTOCONNECT.EXE
O8 - Extra context menu item: Télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_link.htm
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:FLASHGETFLASHGETFLASHGET.EXE
O11 - Options group: [Accessibilité] Accessibilité
O12 - Plugin for .mov: C:PROGRA~1INTERN~1PLUGINSnpqtplugin.dll

a+

"isabelle" <isabelle@discussions.microsoft.com> a écrit dans le message
news: 80AFE4D1-8C17-4891-9DD8-AD2E7A7872F9@microsoft.com...

Bon Ok comment je fais pour saver log de hijackthis et le copier ici
--
merci
Isa

Clic sur Hijackthis puis "do a system scan et do a log file" puis
sélectionnes ds hijackthis.log tout à partir de "Running processes:" avec le
clic gauche de la souris en maintenant cliqué jusqu'en bas de sorte de tout
selectioner puis fais "ctrl + c" puis "ctrl + v" ici de sorte d'avoir
quelque chose du genre :

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
E:LOGITECHSYSTEMEM_EXEC.EXE
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
E:WINAMP3WINAMP3.EXE
C:WINDOWSSYSTEMDDHELP.EXE
E:HIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar http://www.google.fr/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName Liens
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFGIEBAR.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio -
{8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [EM_EXEC] e:LOGITECHSYSTEMEM_EXEC.EXE
O4 - HKLM..RunServices: [ADSLAutoconnect] C:PROGRAM FILESADSL
AUTOCONNECTADSL AUTOCONNECT.EXE -z
O4 - HKCU..Run: [SkwatAutoconnect] C:PROGRAM FILESADSL AUTOCONNECTADSL
AUTOCONNECT.EXE
O8 - Extra context menu item: Télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_link.htm
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:FLASHGETFLASHGETFLASHGET.EXE
O11 - Options group: [Accessibilité] Accessibilité
O12 - Plugin for .mov: C:PROGRA~1INTERN~1PLUGINSnpqtplugin.dll

a+

Vous avez filtré cet utilisateur ! Consultez son message

"isabelle" a écrit dans le message
news:

Bon Ok comment je fais pour saver log de hijackthis et le copier ici
--
merci
Isa

Clic sur Hijackthis puis "do a system scan et do a log file" puis
sélectionnes ds hijackthis.log tout à partir de "Running processes:" avec le
clic gauche de la souris en maintenant cliqué jusqu'en bas de sorte de tout
selectioner puis fais "ctrl + c" puis "ctrl + v" ici de sorte d'avoir
quelque chose du genre :

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
E:LOGITECHSYSTEMEM_EXEC.EXE
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
E:WINAMP3WINAMP3.EXE
C:WINDOWSSYSTEMDDHELP.EXE
E:HIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar http://www.google.fr/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName Liens
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFGIEBAR.DLL
O3 - Toolbar: @msdxmLC.dll,,&Radio -
{8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [EM_EXEC] e:LOGITECHSYSTEMEM_EXEC.EXE
O4 - HKLM..RunServices: [ADSLAutoconnect] C:PROGRAM FILESADSL
AUTOCONNECTADSL AUTOCONNECT.EXE -z
O4 - HKCU..Run: [SkwatAutoconnect] C:PROGRAM FILESADSL AUTOCONNECTADSL
AUTOCONNECT.EXE
O8 - Extra context menu item: Télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_link.htm
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:FLASHGETFLASHGETFLASHGET.EXE
O11 - Options group: [Accessibilité] Accessibilité
O12 - Plugin for .mov: C:PROGRA~1INTERN~1PLUGINSnpqtplugin.dll

a+

isabelle

09/09/2005 à 14:01

Ok voici et merci beaucoup

Logfile of HijackThis v1.99.1
Scan saved at 07:57:55, on 2005-09-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:windowssystemhpsysdrv.exe
C:WINDOWSSystem32hkcmd.exe
C:HPKBDKBD.EXE
C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
C:Program FilesFichiers communsMicrosoft SharedWorks SharedWkUFind.exe
C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
C:WINDOWSsystem32mshta.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:Program FilesMSN Toolbar
SuiteDS2.05.0000.1082en-usbinWindowsSearch.exe
C:Program FilesMSN Toolbar
SuiteDS2.05.0000.1082en-usbinWindowsSearchIndexer.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:WINDOWSSystem32snmp.exe
C:Program FilesMSNMSNCoreFilesmsn6.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:DOCUME~1PROPRI~1LOCALS~1TempRépertoire temporaire 2 pour
hijackthis_199[1].zipHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchAssistant =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet Explorer,CustomizeSearch =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet Explorer,SearchURL =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://specific911.com/_start/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://specific911.com/_start/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://specific911.com/_start/
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) =
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O1 - Hosts: 70.85.234.26 www.spyware-locator.cc
O1 - Hosts: 70.85.234.26 www.rxlist.com
O1 - Hosts: 70.85.234.26 rxlist.com
O1 - Hosts: 70.85.234.26 *.blogspot.com
O1 - Hosts: 70.85.234.26 blogspot.com
O1 - Hosts: 70.85.234.26 pagead2.googlesyndication.com
O1 - Hosts: 70.85.234.26 *.casino-top.org
O1 - Hosts: 70.85.234.26 *.smokaz.com
O1 - Hosts: 70.85.234.26 000info.com
O1 - Hosts: 70.85.234.26 000infocom
O1 - Hosts: 70.85.234.26 007arcadegames.com
O1 - Hosts: 70.85.234.26 008i.com
O1 - Hosts: 70.85.234.26 008i.com
O1 - Hosts: 70.85.234.26 008k.com
O1 - Hosts: 70.85.234.26 008k.com
O1 - Hosts: 70.85.234.26 00fun.com
O1 - Hosts: 70.85.234.26 00hq.com
O1 - Hosts: 70.85.234.26 01.sharedsource.org
O1 - Hosts: 70.85.234.26 010402.com
O1 - Hosts: 70.85.234.26 0190-dialer.com
O1 - Hosts: 70.85.234.26 0-29.com
O1 - Hosts: 70.85.234.26 02pmnzy5eo29bfk4.com
O1 - Hosts: 70.85.234.26 0-2u.com
O1 - Hosts: 70.85.234.26 03.sharedsource.org
O1 - Hosts: 70.85.234.26 05.sharedsource.org
O1 - Hosts: 70.85.234.26 05p.com
O1 - Hosts: 70.85.234.26 07ic5do2myz3vzpk.com
O1 - Hosts: 70.85.234.26 08nigbmwk43i01y6.com
O1 - Hosts: 70.85.234.26 09.sharedsource.org
O1 - Hosts: 70.85.234.26 093qpeuqpmz6ebfa.com
O1 - Hosts: 70.85.234.26 0calories.net
O1 - Hosts: 70.85.234.26 0cat.com
O1 - Hosts: 70.85.234.26 0cj.net
O1 - Hosts: 70.85.234.26 0-days.net
O1 - Hosts: 70.85.234.26 0fkhzhpoxstn717y.com
O1 - Hosts: 70.85.234.26 0i4ixakh2d6hun43.com
O1 - Hosts: 70.85.234.26 0ml.net
O1 - Hosts: 70.85.234.26 0texkax7c6hzuidk.com
O1 - Hosts: 70.85.234.26 0un8yo7rh82m416k.com
O1 - Hosts: 70.85.234.26 0vibd7viihxrtpyu.com
O1 - Hosts: 70.85.234.26 0websearch.com
O1 - Hosts: 70.85.234.26 0ym6ei1saev6eiuw.com
O1 - Hosts: 70.85.234.26 0zoafrqnit8em7xa.com
O1 - Hosts: 70.85.234.26 1.adbrite.com
O1 - Hosts: 70.85.234.26 1.marketbanker.com
O1 - Hosts: 70.85.234.26 1.primaryads.com
O1 - Hosts: 70.85.234.26 10000hits.net
O1 - Hosts: 70.85.234.26 1000funnyvideos.com
O1 - Hosts: 70.85.234.26 1000stars.ru
O1 - Hosts: 70.85.234.26 10016.searchmiracle.com
O1 - Hosts: 70.85.234.26 1001MOVIE.com
O1 - Hosts: 70.85.234.26 1001night.biz
O1 - Hosts: 70.85.234.26 100gal.net
O1 - Hosts: 70.85.234.26 100mature.net
O1 - Hosts: 70.85.234.26 100pantyhose.com
O1 - Hosts: 70.85.234.26 100sexlinks.com
O1 - Hosts: 70.85.234.26 101lottery.com
O1 - Hosts: 70.85.234.26 1089288654
O1 - Hosts: 70.85.234.26 10k1txdk35mt02xx.com
O1 - Hosts: 70.85.234.26 10money.us
O1 - Hosts: 70.85.234.26 11.rtcode.com
O1 - Hosts: 70.85.234.26 1110100011o1window.info
O1 - Hosts: 70.85.234.26 11zz.com
O1 - Hosts: 70.85.234.26 12.tnssearch.com
O1 - Hosts: 70.85.234.26 1234.2bro.com
O1 - Hosts: 70.85.234.26 123count.com
O1 - Hosts: 70.85.234.26 123counter.mycomputer.com
O1 - Hosts: 70.85.234.26 123-find4u.com
O1 - Hosts: 70.85.234.26 123go.com
O1 - Hosts: 70.85.234.26 123Greetings.com
O1 - Hosts: 70.85.234.26 123keno.com
O1 - Hosts: 70.85.234.26 123mania.com
O1 - Hosts: 70.85.234.26 123search.com
O1 - Hosts: 70.85.234.26 123-search.net
O1 - Hosts: 70.85.234.26 123search4u.com
O1 - Hosts: 70.85.234.26 123-search4u.com
O1 - Hosts: 70.85.234.26 123-searchengine.com
O1 - Hosts: 70.85.234.26 123spywar.com
O1 - Hosts: 70.85.234.26 123stat.com
O1 - Hosts: 70.85.234.26 123xxl.com
O1 - Hosts: 70.85.234.26 123zae.biz
O1 - Hosts: 70.85.234.26 130.94.72.17
O1 - Hosts: 70.85.234.26 130.94.72.173
O1 - Hosts: 70.85.234.26 1337creations.com
O1 - Hosts: 70.85.234.26 143fuck.com
O1 - Hosts: 70.85.234.26 146.82.109.220
O1 - Hosts: 70.85.234.26 146.82.67.44
O1 - Hosts: 70.85.234.26 14713804A.l2m.net
O1 - Hosts: 70.85.234.26 157.238.62.14
O1 - Hosts: 70.85.234.26 159.25.16.238
O1 - Hosts: 70.85.234.26 159.25.16.70
O1 - Hosts: 70.85.234.26 159.25.16.71
O1 - Hosts: 70.85.234.26 163.com
O1 - Hosts: 70.85.234.26 17.sharedsource.org
O1 - Hosts: 70.85.234.26 171203.com
O1 - Hosts: 70.85.234.26 17re8px9v1ypc6w7.com
O1 - Hosts: 70.85.234.26 18.sharedsource.org
O1 - Hosts: 70.85.234.26 180solutions.com
O1 - Hosts: 70.85.234.26 18AGE-DOMINATION.COM
O1 - Hosts: 70.85.234.26 18post.com
O1 - Hosts: 70.85.234.26 18uz3wkpu86hbu3v.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
- C:Program FilesMSN Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [StorageGuard] "C:Program FilesFichiers
communsSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [CamMonitor] C:Program FilesHewlett-PackardDigital
ImagingUnloadhpqcmon.exe
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C:Program
FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [Microsoft Works Update Detection] C:Program
FilesFichiers communsMicrosoft SharedWorks SharedWkUFind.exe
O4 - HKLM..Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHewlett-PackardHP
Software UpdateHPWuSchd.exe"
O4 - HKLM..Run: [HPDJ Taskbar Utility]
C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
O4 - HKLM..Run: [SystemBoot] mshta file:///C:/WINDOWS/winsys.hta
O4 - HKLM..Run: [RunOnce] C:y.exe
O4 - HKLM..Run: [SysInfo] C:WINDOWSsystem32sshjp32.exe
O4 - HKLM..Run: [Info] C:WINDOWSsystem32bootok.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe"
O4 - HKCU..Run: [Info] C:WINDOWSsystem32bootok.exe
O4 - HKCU..Run: [SysInfo] C:WINDOWSsystem32bootok.exe
O4 - HKCU..Run: [Spyware Cleaner] "C:Program FilesSpyware
CleanerSpywareCleaner.Exe" /boot
O4 - Global Startup: Windows Desktop Search.lnk = C:Program FilesMSN
Toolbar SuiteDS2.05.0000.1082en-usbinWindowsSearch.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &MSN Search - res://C:Program FilesMSN
Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:Program
FilesMSN Toolbar
SuiteTAB2.05.0000.1110en-usmsntabres.dll/229?f1222fe741eb486dae2bc28ccfafe482
O8 - Extra context menu item: Open in new foreground tab - res://C:Program
FilesMSN Toolbar
SuiteTAB2.05.0000.1110en-usmsntabres.dll/230?f1222fe741eb486dae2bc28ccfafe482
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~4OFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no
file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O13 - WWW Prefix: http://specific911.net/se.cgi?query O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://ca.msnusers.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) -
http://www.mindavenue.com/downloads/AXELPlayerAX_Win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125966916218
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7BA7BCE2-D359-4407-82D9-CDF9A74C487A} (DownLoadStub Class) -
http://www.cartogra.com/downloads/DownloadPhotos.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object)
- http://fr.autos.sympatico.msn.ca/components/ocx/survid/MSSurVid.cab
O16 - DPF: {928B02A5-5760-42B8-AE7A-CA6749CC0A96} (OnlineUsabilityPlugInC
Class) -
http://preview.itracks.com/Usability/OnlineUsabilityPlugIn/ver_1_001_001/OnlineUsabilityPlugIn.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) -
http://a19.g.akamai.net/7/19/7125/4019/ftp.coupons.com/v3123/cpbrkpie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object)
- http://fr.autos.sympatico.msn.ca/components/ocx/exterior/Outside.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) -
http://www.photolab.ca/activex/PCAXSetup.cab?
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cab
O17 -
HKLMSystemCCSServicesTcpip..{C94F7DC8-BEBB-48B7-B06D-23E0B966FB87}:
NameServer = 206.47.244.17 206.47.244.51
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: hpdj3500 - Unknown owner -
C:DOCUME~1PROPRI~1LOCALS~1Temphpdj3500.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe

--
merci
Isa

"MAC GYVER" wrote:

"isabelle" a écrit dans le message
news:
Bon Ok comment je fais pour saver log de hijackthis et le copier ici
--
merci
Isa

Clic sur Hijackthis puis "do a system scan et do a log file" puis
sélectionnes ds hijackthis.log tout à partir de "Running processes:" avec le
clic gauche de la souris en maintenant cliqué jusqu'en bas de sorte de tout
selectioner puis fais "ctrl + c" puis "ctrl + v" ici de sorte d'avoir
quelque chose du genre :

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
E:LOGITECHSYSTEMEM_EXEC.EXE
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
E:WINAMP3WINAMP3.EXE
C:WINDOWSSYSTEMDDHELP.EXE
E:HIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar > http://www.google.fr/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page > http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName > Liens
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFGIEBAR.DLL
O3 - Toolbar: @msdxmLC.dll,,&Radio -
{8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [EM_EXEC] e:LOGITECHSYSTEMEM_EXEC.EXE
O4 - HKLM..RunServices: [ADSLAutoconnect] C:PROGRAM FILESADSL
AUTOCONNECTADSL AUTOCONNECT.EXE -z
O4 - HKCU..Run: [SkwatAutoconnect] C:PROGRAM FILESADSL AUTOCONNECTADSL
AUTOCONNECT.EXE
O8 - Extra context menu item: Télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_link.htm
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:FLASHGETFLASHGETFLASHGET.EXE
O11 - Options group: [Accessibilité] Accessibilité
O12 - Plugin for .mov: C:PROGRA~1INTERN~1PLUGINSnpqtplugin.dll

a+

Ok voici et merci beaucoup

Logfile of HijackThis v1.99.1
Scan saved at 07:57:55, on 2005-09-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:windowssystemhpsysdrv.exe
C:WINDOWSSystem32hkcmd.exe
C:HPKBDKBD.EXE
C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
C:Program FilesFichiers communsMicrosoft SharedWorks SharedWkUFind.exe
C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
C:WINDOWSsystem32mshta.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:Program FilesMSN Toolbar
SuiteDS2.05.0000.1082en-usbinWindowsSearch.exe
C:Program FilesMSN Toolbar
SuiteDS2.05.0000.1082en-usbinWindowsSearchIndexer.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:WINDOWSSystem32snmp.exe
C:Program FilesMSNMSNCoreFilesmsn6.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:DOCUME~1PROPRI~1LOCALS~1TempRépertoire temporaire 2 pour
hijackthis_199[1].zipHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchAssistant =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet Explorer,CustomizeSearch =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet Explorer,SearchURL =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://specific911.com/_start/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://specific911.com/_start/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://specific911.com/_start/
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) =
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O1 - Hosts: 70.85.234.26 www.spyware-locator.cc
O1 - Hosts: 70.85.234.26 www.rxlist.com
O1 - Hosts: 70.85.234.26 rxlist.com
O1 - Hosts: 70.85.234.26 *.blogspot.com
O1 - Hosts: 70.85.234.26 blogspot.com
O1 - Hosts: 70.85.234.26 pagead2.googlesyndication.com
O1 - Hosts: 70.85.234.26 *.casino-top.org
O1 - Hosts: 70.85.234.26 *.smokaz.com
O1 - Hosts: 70.85.234.26 000info.com
O1 - Hosts: 70.85.234.26 000infocom
O1 - Hosts: 70.85.234.26 007arcadegames.com
O1 - Hosts: 70.85.234.26 008i.com
O1 - Hosts: 70.85.234.26 008i.com
O1 - Hosts: 70.85.234.26 008k.com
O1 - Hosts: 70.85.234.26 008k.com
O1 - Hosts: 70.85.234.26 00fun.com
O1 - Hosts: 70.85.234.26 00hq.com
O1 - Hosts: 70.85.234.26 01.sharedsource.org
O1 - Hosts: 70.85.234.26 010402.com
O1 - Hosts: 70.85.234.26 0190-dialer.com
O1 - Hosts: 70.85.234.26 0-29.com
O1 - Hosts: 70.85.234.26 02pmnzy5eo29bfk4.com
O1 - Hosts: 70.85.234.26 0-2u.com
O1 - Hosts: 70.85.234.26 03.sharedsource.org
O1 - Hosts: 70.85.234.26 05.sharedsource.org
O1 - Hosts: 70.85.234.26 05p.com
O1 - Hosts: 70.85.234.26 07ic5do2myz3vzpk.com
O1 - Hosts: 70.85.234.26 08nigbmwk43i01y6.com
O1 - Hosts: 70.85.234.26 09.sharedsource.org
O1 - Hosts: 70.85.234.26 093qpeuqpmz6ebfa.com
O1 - Hosts: 70.85.234.26 0calories.net
O1 - Hosts: 70.85.234.26 0cat.com
O1 - Hosts: 70.85.234.26 0cj.net
O1 - Hosts: 70.85.234.26 0-days.net
O1 - Hosts: 70.85.234.26 0fkhzhpoxstn717y.com
O1 - Hosts: 70.85.234.26 0i4ixakh2d6hun43.com
O1 - Hosts: 70.85.234.26 0ml.net
O1 - Hosts: 70.85.234.26 0texkax7c6hzuidk.com
O1 - Hosts: 70.85.234.26 0un8yo7rh82m416k.com
O1 - Hosts: 70.85.234.26 0vibd7viihxrtpyu.com
O1 - Hosts: 70.85.234.26 0websearch.com
O1 - Hosts: 70.85.234.26 0ym6ei1saev6eiuw.com
O1 - Hosts: 70.85.234.26 0zoafrqnit8em7xa.com
O1 - Hosts: 70.85.234.26 1.adbrite.com
O1 - Hosts: 70.85.234.26 1.marketbanker.com
O1 - Hosts: 70.85.234.26 1.primaryads.com
O1 - Hosts: 70.85.234.26 10000hits.net
O1 - Hosts: 70.85.234.26 1000funnyvideos.com
O1 - Hosts: 70.85.234.26 1000stars.ru
O1 - Hosts: 70.85.234.26 10016.searchmiracle.com
O1 - Hosts: 70.85.234.26 1001MOVIE.com
O1 - Hosts: 70.85.234.26 1001night.biz
O1 - Hosts: 70.85.234.26 100gal.net
O1 - Hosts: 70.85.234.26 100mature.net
O1 - Hosts: 70.85.234.26 100pantyhose.com
O1 - Hosts: 70.85.234.26 100sexlinks.com
O1 - Hosts: 70.85.234.26 101lottery.com
O1 - Hosts: 70.85.234.26 1089288654
O1 - Hosts: 70.85.234.26 10k1txdk35mt02xx.com
O1 - Hosts: 70.85.234.26 10money.us
O1 - Hosts: 70.85.234.26 11.rtcode.com
O1 - Hosts: 70.85.234.26 1110100011o1window.info
O1 - Hosts: 70.85.234.26 11zz.com
O1 - Hosts: 70.85.234.26 12.tnssearch.com
O1 - Hosts: 70.85.234.26 1234.2bro.com
O1 - Hosts: 70.85.234.26 123count.com
O1 - Hosts: 70.85.234.26 123counter.mycomputer.com
O1 - Hosts: 70.85.234.26 123-find4u.com
O1 - Hosts: 70.85.234.26 123go.com
O1 - Hosts: 70.85.234.26 123Greetings.com
O1 - Hosts: 70.85.234.26 123keno.com
O1 - Hosts: 70.85.234.26 123mania.com
O1 - Hosts: 70.85.234.26 123search.com
O1 - Hosts: 70.85.234.26 123-search.net
O1 - Hosts: 70.85.234.26 123search4u.com
O1 - Hosts: 70.85.234.26 123-search4u.com
O1 - Hosts: 70.85.234.26 123-searchengine.com
O1 - Hosts: 70.85.234.26 123spywar.com
O1 - Hosts: 70.85.234.26 123stat.com
O1 - Hosts: 70.85.234.26 123xxl.com
O1 - Hosts: 70.85.234.26 123zae.biz
O1 - Hosts: 70.85.234.26 130.94.72.17
O1 - Hosts: 70.85.234.26 130.94.72.173
O1 - Hosts: 70.85.234.26 1337creations.com
O1 - Hosts: 70.85.234.26 143fuck.com
O1 - Hosts: 70.85.234.26 146.82.109.220
O1 - Hosts: 70.85.234.26 146.82.67.44
O1 - Hosts: 70.85.234.26 14713804A.l2m.net
O1 - Hosts: 70.85.234.26 157.238.62.14
O1 - Hosts: 70.85.234.26 159.25.16.238
O1 - Hosts: 70.85.234.26 159.25.16.70
O1 - Hosts: 70.85.234.26 159.25.16.71
O1 - Hosts: 70.85.234.26 163.com
O1 - Hosts: 70.85.234.26 17.sharedsource.org
O1 - Hosts: 70.85.234.26 171203.com
O1 - Hosts: 70.85.234.26 17re8px9v1ypc6w7.com
O1 - Hosts: 70.85.234.26 18.sharedsource.org
O1 - Hosts: 70.85.234.26 180solutions.com
O1 - Hosts: 70.85.234.26 18AGE-DOMINATION.COM
O1 - Hosts: 70.85.234.26 18post.com
O1 - Hosts: 70.85.234.26 18uz3wkpu86hbu3v.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
- C:Program FilesMSN Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [StorageGuard] "C:Program FilesFichiers
communsSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [CamMonitor] C:Program FilesHewlett-PackardDigital
Imaging\Unloadhpqcmon.exe
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C:Program
FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [Microsoft Works Update Detection] C:Program
FilesFichiers communsMicrosoft SharedWorks SharedWkUFind.exe
O4 - HKLM..Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHewlett-PackardHP
Software UpdateHPWuSchd.exe"
O4 - HKLM..Run: [HPDJ Taskbar Utility]
C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
O4 - HKLM..Run: [SystemBoot] mshta file:///C:/WINDOWS/winsys.hta
O4 - HKLM..Run: [RunOnce] C:y.exe
O4 - HKLM..Run: [SysInfo] C:WINDOWSsystem32sshjp32.exe
O4 - HKLM..Run: [Info] C:WINDOWSsystem32bootok.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe"
O4 - HKCU..Run: [Info] C:WINDOWSsystem32bootok.exe
O4 - HKCU..Run: [SysInfo] C:WINDOWSsystem32bootok.exe
O4 - HKCU..Run: [Spyware Cleaner] "C:Program FilesSpyware
CleanerSpywareCleaner.Exe" /boot
O4 - Global Startup: Windows Desktop Search.lnk = C:Program FilesMSN
Toolbar SuiteDS2.05.0000.1082en-usbinWindowsSearch.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &MSN Search - res://C:Program FilesMSN
Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:Program
FilesMSN Toolbar
SuiteTAB2.05.0000.1110en-usmsntabres.dll/229?f1222fe741eb486dae2bc28ccfafe482
O8 - Extra context menu item: Open in new foreground tab - res://C:Program
FilesMSN Toolbar
SuiteTAB2.05.0000.1110en-usmsntabres.dll/230?f1222fe741eb486dae2bc28ccfafe482
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~4OFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no
file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O13 - WWW Prefix: http://specific911.net/se.cgi?query O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://ca.msnusers.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) -
http://www.mindavenue.com/downloads/AXELPlayerAX_Win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125966916218
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7BA7BCE2-D359-4407-82D9-CDF9A74C487A} (DownLoadStub Class) -
http://www.cartogra.com/downloads/DownloadPhotos.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object)
- http://fr.autos.sympatico.msn.ca/components/ocx/survid/MSSurVid.cab
O16 - DPF: {928B02A5-5760-42B8-AE7A-CA6749CC0A96} (OnlineUsabilityPlugInC
Class) -
http://preview.itracks.com/Usability/OnlineUsabilityPlugIn/ver_1_001_001/OnlineUsabilityPlugIn.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) -
http://a19.g.akamai.net/7/19/7125/4019/ftp.coupons.com/v3123/cpbrkpie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object)
- http://fr.autos.sympatico.msn.ca/components/ocx/exterior/Outside.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) -
http://www.photolab.ca/activex/PCAXSetup.cab?
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cab
O17 -
HKLMSystemCCSServicesTcpip..{C94F7DC8-BEBB-48B7-B06D-23E0B966FB87}:
NameServer = 206.47.244.17 206.47.244.51
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: hpdj3500 - Unknown owner -
C:DOCUME~1PROPRI~1LOCALS~1Temphpdj3500.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe

--
merci
Isa

"MAC GYVER" wrote:

"isabelle" <isabelle@discussions.microsoft.com> a écrit dans le message
news: 80AFE4D1-8C17-4891-9DD8-AD2E7A7872F9@microsoft.com...

Bon Ok comment je fais pour saver log de hijackthis et le copier ici
--
merci
Isa

Clic sur Hijackthis puis "do a system scan et do a log file" puis
sélectionnes ds hijackthis.log tout à partir de "Running processes:" avec le
clic gauche de la souris en maintenant cliqué jusqu'en bas de sorte de tout
selectioner puis fais "ctrl + c" puis "ctrl + v" ici de sorte d'avoir
quelque chose du genre :

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
E:LOGITECHSYSTEMEM_EXEC.EXE
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
E:WINAMP3WINAMP3.EXE
C:WINDOWSSYSTEMDDHELP.EXE
E:HIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar > http://www.google.fr/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page > http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName > Liens
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFGIEBAR.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio -
{8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [EM_EXEC] e:LOGITECHSYSTEMEM_EXEC.EXE
O4 - HKLM..RunServices: [ADSLAutoconnect] C:PROGRAM FILESADSL
AUTOCONNECTADSL AUTOCONNECT.EXE -z
O4 - HKCU..Run: [SkwatAutoconnect] C:PROGRAM FILESADSL AUTOCONNECTADSL
AUTOCONNECT.EXE
O8 - Extra context menu item: Télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_link.htm
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:FLASHGETFLASHGETFLASHGET.EXE
O11 - Options group: [Accessibilité] Accessibilité
O12 - Plugin for .mov: C:PROGRA~1INTERN~1PLUGINSnpqtplugin.dll

a+

Vous avez filtré cet utilisateur ! Consultez son message

Ok voici et merci beaucoup

Logfile of HijackThis v1.99.1
Scan saved at 07:57:55, on 2005-09-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:windowssystemhpsysdrv.exe
C:WINDOWSSystem32hkcmd.exe
C:HPKBDKBD.EXE
C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
C:Program FilesFichiers communsMicrosoft SharedWorks SharedWkUFind.exe
C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
C:WINDOWSsystem32mshta.exe
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf.exe
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:Program FilesMSN Toolbar
SuiteDS2.05.0000.1082en-usbinWindowsSearch.exe
C:Program FilesMSN Toolbar
SuiteDS2.05.0000.1082en-usbinWindowsSearchIndexer.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:WINDOWSSystem32snmp.exe
C:Program FilesMSNMSNCoreFilesmsn6.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:DOCUME~1PROPRI~1LOCALS~1TempRépertoire temporaire 2 pour
hijackthis_199[1].zipHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchAssistant =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet Explorer,CustomizeSearch =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet Explorer,SearchURL =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://specific911.com/_start/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://specific911.com/_start/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://specific911.com/_start/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://specific911.com/_start/
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
http://specific911.com/_start/
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) =
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
O1 - Hosts: 70.85.234.26 www.spyware-locator.cc
O1 - Hosts: 70.85.234.26 www.rxlist.com
O1 - Hosts: 70.85.234.26 rxlist.com
O1 - Hosts: 70.85.234.26 *.blogspot.com
O1 - Hosts: 70.85.234.26 blogspot.com
O1 - Hosts: 70.85.234.26 pagead2.googlesyndication.com
O1 - Hosts: 70.85.234.26 *.casino-top.org
O1 - Hosts: 70.85.234.26 *.smokaz.com
O1 - Hosts: 70.85.234.26 000info.com
O1 - Hosts: 70.85.234.26 000infocom
O1 - Hosts: 70.85.234.26 007arcadegames.com
O1 - Hosts: 70.85.234.26 008i.com
O1 - Hosts: 70.85.234.26 008i.com
O1 - Hosts: 70.85.234.26 008k.com
O1 - Hosts: 70.85.234.26 008k.com
O1 - Hosts: 70.85.234.26 00fun.com
O1 - Hosts: 70.85.234.26 00hq.com
O1 - Hosts: 70.85.234.26 01.sharedsource.org
O1 - Hosts: 70.85.234.26 010402.com
O1 - Hosts: 70.85.234.26 0190-dialer.com
O1 - Hosts: 70.85.234.26 0-29.com
O1 - Hosts: 70.85.234.26 02pmnzy5eo29bfk4.com
O1 - Hosts: 70.85.234.26 0-2u.com
O1 - Hosts: 70.85.234.26 03.sharedsource.org
O1 - Hosts: 70.85.234.26 05.sharedsource.org
O1 - Hosts: 70.85.234.26 05p.com
O1 - Hosts: 70.85.234.26 07ic5do2myz3vzpk.com
O1 - Hosts: 70.85.234.26 08nigbmwk43i01y6.com
O1 - Hosts: 70.85.234.26 09.sharedsource.org
O1 - Hosts: 70.85.234.26 093qpeuqpmz6ebfa.com
O1 - Hosts: 70.85.234.26 0calories.net
O1 - Hosts: 70.85.234.26 0cat.com
O1 - Hosts: 70.85.234.26 0cj.net
O1 - Hosts: 70.85.234.26 0-days.net
O1 - Hosts: 70.85.234.26 0fkhzhpoxstn717y.com
O1 - Hosts: 70.85.234.26 0i4ixakh2d6hun43.com
O1 - Hosts: 70.85.234.26 0ml.net
O1 - Hosts: 70.85.234.26 0texkax7c6hzuidk.com
O1 - Hosts: 70.85.234.26 0un8yo7rh82m416k.com
O1 - Hosts: 70.85.234.26 0vibd7viihxrtpyu.com
O1 - Hosts: 70.85.234.26 0websearch.com
O1 - Hosts: 70.85.234.26 0ym6ei1saev6eiuw.com
O1 - Hosts: 70.85.234.26 0zoafrqnit8em7xa.com
O1 - Hosts: 70.85.234.26 1.adbrite.com
O1 - Hosts: 70.85.234.26 1.marketbanker.com
O1 - Hosts: 70.85.234.26 1.primaryads.com
O1 - Hosts: 70.85.234.26 10000hits.net
O1 - Hosts: 70.85.234.26 1000funnyvideos.com
O1 - Hosts: 70.85.234.26 1000stars.ru
O1 - Hosts: 70.85.234.26 10016.searchmiracle.com
O1 - Hosts: 70.85.234.26 1001MOVIE.com
O1 - Hosts: 70.85.234.26 1001night.biz
O1 - Hosts: 70.85.234.26 100gal.net
O1 - Hosts: 70.85.234.26 100mature.net
O1 - Hosts: 70.85.234.26 100pantyhose.com
O1 - Hosts: 70.85.234.26 100sexlinks.com
O1 - Hosts: 70.85.234.26 101lottery.com
O1 - Hosts: 70.85.234.26 1089288654
O1 - Hosts: 70.85.234.26 10k1txdk35mt02xx.com
O1 - Hosts: 70.85.234.26 10money.us
O1 - Hosts: 70.85.234.26 11.rtcode.com
O1 - Hosts: 70.85.234.26 1110100011o1window.info
O1 - Hosts: 70.85.234.26 11zz.com
O1 - Hosts: 70.85.234.26 12.tnssearch.com
O1 - Hosts: 70.85.234.26 1234.2bro.com
O1 - Hosts: 70.85.234.26 123count.com
O1 - Hosts: 70.85.234.26 123counter.mycomputer.com
O1 - Hosts: 70.85.234.26 123-find4u.com
O1 - Hosts: 70.85.234.26 123go.com
O1 - Hosts: 70.85.234.26 123Greetings.com
O1 - Hosts: 70.85.234.26 123keno.com
O1 - Hosts: 70.85.234.26 123mania.com
O1 - Hosts: 70.85.234.26 123search.com
O1 - Hosts: 70.85.234.26 123-search.net
O1 - Hosts: 70.85.234.26 123search4u.com
O1 - Hosts: 70.85.234.26 123-search4u.com
O1 - Hosts: 70.85.234.26 123-searchengine.com
O1 - Hosts: 70.85.234.26 123spywar.com
O1 - Hosts: 70.85.234.26 123stat.com
O1 - Hosts: 70.85.234.26 123xxl.com
O1 - Hosts: 70.85.234.26 123zae.biz
O1 - Hosts: 70.85.234.26 130.94.72.17
O1 - Hosts: 70.85.234.26 130.94.72.173
O1 - Hosts: 70.85.234.26 1337creations.com
O1 - Hosts: 70.85.234.26 143fuck.com
O1 - Hosts: 70.85.234.26 146.82.109.220
O1 - Hosts: 70.85.234.26 146.82.67.44
O1 - Hosts: 70.85.234.26 14713804A.l2m.net
O1 - Hosts: 70.85.234.26 157.238.62.14
O1 - Hosts: 70.85.234.26 159.25.16.238
O1 - Hosts: 70.85.234.26 159.25.16.70
O1 - Hosts: 70.85.234.26 159.25.16.71
O1 - Hosts: 70.85.234.26 163.com
O1 - Hosts: 70.85.234.26 17.sharedsource.org
O1 - Hosts: 70.85.234.26 171203.com
O1 - Hosts: 70.85.234.26 17re8px9v1ypc6w7.com
O1 - Hosts: 70.85.234.26 18.sharedsource.org
O1 - Hosts: 70.85.234.26 180solutions.com
O1 - Hosts: 70.85.234.26 18AGE-DOMINATION.COM
O1 - Hosts: 70.85.234.26 18post.com
O1 - Hosts: 70.85.234.26 18uz3wkpu86hbu3v.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
- C:Program FilesMSN Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:Program FilesMSN Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [StorageGuard] "C:Program FilesFichiers
communsSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [CamMonitor] C:Program FilesHewlett-PackardDigital
ImagingUnloadhpqcmon.exe
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C:Program
FilesHewlett-PackardHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [Microsoft Works Update Detection] C:Program
FilesFichiers communsMicrosoft SharedWorks SharedWkUFind.exe
O4 - HKLM..Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM..Run: [HP Component Manager] "C:Program
FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHewlett-PackardHP
Software UpdateHPWuSchd.exe"
O4 - HKLM..Run: [HPDJ Taskbar Utility]
C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
O4 - HKLM..Run: [SystemBoot] mshta file:///C:/WINDOWS/winsys.hta
O4 - HKLM..Run: [RunOnce] C:y.exe
O4 - HKLM..Run: [SysInfo] C:WINDOWSsystem32sshjp32.exe
O4 - HKLM..Run: [Info] C:WINDOWSsystem32bootok.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe"
O4 - HKCU..Run: [Info] C:WINDOWSsystem32bootok.exe
O4 - HKCU..Run: [SysInfo] C:WINDOWSsystem32bootok.exe
O4 - HKCU..Run: [Spyware Cleaner] "C:Program FilesSpyware
CleanerSpywareCleaner.Exe" /boot
O4 - Global Startup: Windows Desktop Search.lnk = C:Program FilesMSN
Toolbar SuiteDS2.05.0000.1082en-usbinWindowsSearch.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &MSN Search - res://C:Program FilesMSN
Toolbar SuiteTB2.05.0000.1082en-usmsntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:Program
FilesMSN Toolbar
SuiteTAB2.05.0000.1110en-usmsntabres.dll/229?f1222fe741eb486dae2bc28ccfafe482
O8 - Extra context menu item: Open in new foreground tab - res://C:Program
FilesMSN Toolbar
SuiteTAB2.05.0000.1110en-usmsntabres.dll/230?f1222fe741eb486dae2bc28ccfafe482
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~4OFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no
file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O13 - WWW Prefix: http://specific911.net/se.cgi?query O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid9204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://ca.msnusers.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) -
http://www.mindavenue.com/downloads/AXELPlayerAX_Win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125966916218
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7BA7BCE2-D359-4407-82D9-CDF9A74C487A} (DownLoadStub Class) -
http://www.cartogra.com/downloads/DownloadPhotos.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object)
- http://fr.autos.sympatico.msn.ca/components/ocx/survid/MSSurVid.cab
O16 - DPF: {928B02A5-5760-42B8-AE7A-CA6749CC0A96} (OnlineUsabilityPlugInC
Class) -
http://preview.itracks.com/Usability/OnlineUsabilityPlugIn/ver_1_001_001/OnlineUsabilityPlugIn.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) -
http://a19.g.akamai.net/7/19/7125/4019/ftp.coupons.com/v3123/cpbrkpie.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object)
- http://fr.autos.sympatico.msn.ca/components/ocx/exterior/Outside.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.hp.com/hpdj/fr/check/qdiagh.cab?326
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) -
http://www.photolab.ca/activex/PCAXSetup.cab?
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cab
O17 -
HKLMSystemCCSServicesTcpip..{C94F7DC8-BEBB-48B7-B06D-23E0B966FB87}:
NameServer = 206.47.244.17 206.47.244.51
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: hpdj3500 - Unknown owner -
C:DOCUME~1PROPRI~1LOCALS~1Temphpdj3500.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:WINDOWSSystem32nvsvc32.exe

--
merci
Isa

"MAC GYVER" wrote:

"isabelle" a écrit dans le message
news:
Bon Ok comment je fais pour saver log de hijackthis et le copier ici
--
merci
Isa

Clic sur Hijackthis puis "do a system scan et do a log file" puis
sélectionnes ds hijackthis.log tout à partir de "Running processes:" avec le
clic gauche de la souris en maintenant cliqué jusqu'en bas de sorte de tout
selectioner puis fais "ctrl + c" puis "ctrl + v" ici de sorte d'avoir
quelque chose du genre :

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
E:LOGITECHSYSTEMEM_EXEC.EXE
C:PROGRAM FILESADSL AUTOCONNECTADSL AUTOCONNECT.EXE
C:PROGRAM FILESOUTLOOK EXPRESSMSIMN.EXE
C:WINDOWSSYSTEMPSTORES.EXE
E:WINAMP3WINAMP3.EXE
C:WINDOWSSYSTEMDDHELP.EXE
E:HIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar > http://www.google.fr/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page > http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page > http://www.google.fr/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page > R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName > Liens
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFGIEBAR.DLL
O3 - Toolbar: @msdxmLC.dll,,&Radio -
{8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [EM_EXEC] e:LOGITECHSYSTEMEM_EXEC.EXE
O4 - HKLM..RunServices: [ADSLAutoconnect] C:PROGRAM FILESADSL
AUTOCONNECTADSL AUTOCONNECT.EXE -z
O4 - HKCU..Run: [SkwatAutoconnect] C:PROGRAM FILESADSL AUTOCONNECTADSL
AUTOCONNECT.EXE
O8 - Extra context menu item: Télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_link.htm
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet -
E:FLASHGETFLASHGETjc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
E:FLASHGETFLASHGETFLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet -
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:FLASHGETFLASHGETFLASHGET.EXE
O11 - Options group: [Accessibilité] Accessibilité
O12 - Plugin for .mov: C:PROGRA~1INTERN~1PLUGINSnpqtplugin.dll

a+

Restriction

10 réponses

Veuillez sélectionner un problème