Bonjour,
Je pose ici un message car je suis desespéré par un spyware que je
n'arrive pas à détruire.
Je me suis en effet chopé un spyware coriace alors que mon pc est
équipé de Norton AV (certes, une vieille version)
Bonjour,
Je pose ici un message car je suis desespéré par un spyware que je
n'arrive pas à détruire.
Je me suis en effet chopé un spyware coriace alors que mon pc est
équipé de Norton AV (certes, une vieille version)
Bonjour,
Je pose ici un message car je suis desespéré par un spyware que je
n'arrive pas à détruire.
Je me suis en effet chopé un spyware coriace alors que mon pc est
équipé de Norton AV (certes, une vieille version)
Pas bien ça ! :-)
et hijackthis ? non ?
http://minilien.com/?AI7rHFqhkq
--
a toute
Pas bien ça ! :-)
et hijackthis ? non ?
http://minilien.com/?AI7rHFqhkq
--
a toute
Pas bien ça ! :-)
et hijackthis ? non ?
http://minilien.com/?AI7rHFqhkq
--
a toute
Non !, merci pour le lien j'installe et j'essaye !
cu soon
Non !, merci pour le lien j'installe et j'essaye !
cu soon
Non !, merci pour le lien j'installe et j'essaye !
cu soon
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Logfile of HijackThis v1.99.1
Scan saved at 16:36:20, on 09/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINXPSystem32smss.exe
C:WINXPsystem32winlogon.exe
C:WINXPsystem32services.exe
C:WINXPsystem32lsass.exe
C:WINXPsystem32svchost.exe
C:WINXPSystem32svchost.exe
C:WINXPsystem32spoolsv.exe
C:WINXPsystem32rundll32.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:WINXPsystem32cisvc.exe
C:Program FilesFichiers communsEPSONEBAPIeEBAgent.exe
C:WINXPSystem32FTRTSVC.exe
C:WINXPsystem32inetsrvinetinfo.exe
C:PROGRA~1Navntnavapsvc.exe
C:WINXPsystem32nvsvc32.exe
C:Program FilesFichiers communsSafeNet SentinelSentinel Protection
ServerWinNTspnsrvnt.exe
C:WINXPSystem32svchost.exe
C:Program FilesTOSHIBATME3Tmesbs32.exe
C:WINXPsystem32wscntfy.exe
C:PROGRA~1Navntalertsvc.exe
C:WINXPexplorer.exe
C:Program FilesLavasoftAd-aware 6Ad-watch.exe
C:Program FilesSynapticsSynTPSynTPLpr.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesTOSHIBAWireless HotkeyTosHKCW.exe
C:Program FilesTOSHIBATouchEDTouchED.Exe
C:Program FilesTOSHIBATME3TMESBS32.EXE
C:Program FilesTOSHIBACommandes TOSHIBATFncKy.exe
C:WINXPSystem32 0THotkey.exe
C:Program FilesJavajre1.5.0_02binjusched.exe
C:Program FilesMicrosoft AntiSpywaregcasServ.exe
C:PROGRA~1WANADOOTaskBarIcon.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program Filesa-squareda2guard.exe
C:Program FilesNavntnavapw32.exe
C:Program FilesBorlandDelphi4Bindelphi32.exe
C:WINXPsystem32cidaemon.exe
C:WINXPsystem32cidaemon.exe
C:WINXPsystem32cidaemon.exe
C:sirwebdemarragepilote.exe
C:SIRWEBscktsrvr.EXE
C:SIRWEButilitairesSirTask.EXE
C:Program FilesOutlook Expressmsimn.exe
C:WINXPsystem32taskmgr.exe
C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
C:WINXPsystem32cmd.exe
C:Program FilesBorlandDelphi4Bindelphi32.exe
C:WINXPSystem32NOTEPAD.EXE
D:downloadHijackthisHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = abou t:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://groups.google.fr/advanced_search?q=sqfsq&num&hl=fr&lr= &as_qdr=all&safe=images&
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.fr/advanced_search?hl=fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = abou t:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = abou t:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wa nadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C8 5} -
C:PROGRA~1WANADOOSEARCH~1.DLL
F2 - REG:system.ini: Shell=explorer.exe
O4 - HKLM..Run: [Ad-watch] C:Program FilesLavasoftAd-aware
6Ad-watch.exe
O4 - HKLM..Run: [SynTPLpr] C:Program FilesSynapticsSynTPSynTPLpr. exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh. exe
O4 - HKLM..Run: [TosHKCW.exe] "C:Program FilesTOSHIBAWireless
HotkeyTosHKCW.exe"
O4 - HKLM..Run: [TouchED] C:Program FilesTOSHIBATouchEDTouchED.Ex e
O4 - HKLM..Run: [TMESBS.EXE] C:Program FilesTOSHIBATME3TMESBS32.E XE
/Client
O4 - HKLM..Run: [TFncKy] TFncKy.exe /Type 28
O4 - HKLM..Run: [00THotkey] C:WINXPSystem32 0THotkey.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_02binjusched.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WANADOOWatch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WANADOOGestMaj.exe
TaskBarIcon.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initial ize
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe "
/background
O4 - HKCU..Run: [a-squared] "C:Program Filesa-squareda2guard.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:Program FilesLavasoftAd-aware
6Ad-watch.exe
O4 - Global Startup: Protection Auto de Norton AntiVirus.lnk = C:Pro gram
FilesNavntnavapw32.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk =
C:WINXPsystem32spooldriversw32x863E_SRCV03.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_02binnpjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINXPSystem32Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
C:Program FilesMicrosoft MoneySystemmnyviewer.dll
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra button: Messager Wanadoo -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo
Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo
Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {02607DF4-D40B-4FFB-B054-1CAC03468E28} (DNLCertificate Contr ol) -
http://www.fmn-media.com/campaigns/winpl/sites/pops/A001/DNLCertificate .ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.ca b
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Adva ntage
Validation Tool) - http://go.microsoft.com/fwlink/?linkidH835
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Playe r) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} -
http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/m ickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utili ty
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client /muweb_site.cab?1129711125514
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/ housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Contro l) -
http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega
DownloadManager) -
https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm
Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {CEDB9D83-ECE9-11D2-A369-6C4209C10000} (RnSMidi Control) -
http://www.musicalis.fr/v1/Cours/RnSMidi.cab
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl
Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposan t.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} -
http://akamai.downloadv3.com/binaries/IA/netpe32_FR_XP.cab
O17 -
HKLMSystemCCSServicesTcpip..{DFCCAA0B-3CB5-49A5-B9AD-C43475D5B0B1 }:
NameServer = 194.2.0.20
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O18 - Protocol: vskype - (no CLSID) - (no file)
O20 - Winlogon Notify: Hints - C:WINXPsystem32irj2l51o1.dll
O20 - Winlogon Notify: PCANotify - C:WINXPSYSTEM32PCANotify.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporatio n -
C:Program FilesSymantecpcAnywhereawhost32.exe
O23 - Service: Borland Remote Debugging Service
(BorlandRemoteDebuggingService) - Unknown owner - C:Program FilesFich iers
communsBorland SharedDebuggerborrdbg.exe
O23 - Service: DKW Heavy Industries VPN Adapter. Service (CIPE_Daemon) -
Unknown owner - C:WINXPSystem32cipsrvr.exe
O23 - Service: EpsonBidirectionalAgent - SEIKO EPSON CORPORATION -
C:Program FilesFichiers communsEPSONEBAPIeEBAgent.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINXPSystem32FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:Program FilesiPodbiniPodService.exe
O23 - Service: MySql - Unknown owner -
C:PROGRA~1EASYPH~1MySqlbinmysqld.exe
O23 - Service: NAV Alert - Symantec Corporation -
C:PROGRA~1Navntalertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation -
C:PROGRA~1Navntnavapsvc.exe
O23 - Service: Programmateur Norton (Norton Program Scheduler) - Symant ec
Corporation - C:PROGRA~1Navntnpssvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporatio n -
C:WINXPsystem32nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcap d) -
Unknown owner - %ProgramFiles%WinPcaprpcapd.exe" -d -f
"%ProgramFiles%WinPcaprpcapd.ini (file missing)
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) -
SafeNet, Inc - C:Program FilesFichiers communsSafeNet SentinelSenti nel
Protection ServerWinNTspnsrvnt.exe
O23 - Service: Pare-feu Windows / Partage de connexion Internet
(SharedAccess) - Unknown owner - C:WINXPC:WINXPSystem32svchost.exe
(file missing)
O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:Program
FilesTOSHIBATME3Tmesbs32.exe" /Service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel -
C:Program FilesInventelGatewaywlancfg.exe
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Logfile of HijackThis v1.99.1
Scan saved at 16:36:20, on 09/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINXPSystem32smss.exe
C:WINXPsystem32winlogon.exe
C:WINXPsystem32services.exe
C:WINXPsystem32lsass.exe
C:WINXPsystem32svchost.exe
C:WINXPSystem32svchost.exe
C:WINXPsystem32spoolsv.exe
C:WINXPsystem32rundll32.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:WINXPsystem32cisvc.exe
C:Program FilesFichiers communsEPSONEBAPIeEBAgent.exe
C:WINXPSystem32FTRTSVC.exe
C:WINXPsystem32inetsrvinetinfo.exe
C:PROGRA~1Navntnavapsvc.exe
C:WINXPsystem32nvsvc32.exe
C:Program FilesFichiers communsSafeNet SentinelSentinel Protection
ServerWinNTspnsrvnt.exe
C:WINXPSystem32svchost.exe
C:Program FilesTOSHIBATME3Tmesbs32.exe
C:WINXPsystem32wscntfy.exe
C:PROGRA~1Navntalertsvc.exe
C:WINXPexplorer.exe
C:Program FilesLavasoftAd-aware 6Ad-watch.exe
C:Program FilesSynapticsSynTPSynTPLpr.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesTOSHIBAWireless HotkeyTosHKCW.exe
C:Program FilesTOSHIBATouchEDTouchED.Exe
C:Program FilesTOSHIBATME3TMESBS32.EXE
C:Program FilesTOSHIBACommandes TOSHIBATFncKy.exe
C:WINXPSystem32 0THotkey.exe
C:Program FilesJavajre1.5.0_02binjusched.exe
C:Program FilesMicrosoft AntiSpywaregcasServ.exe
C:PROGRA~1WANADOOTaskBarIcon.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program Filesa-squareda2guard.exe
C:Program FilesNavntnavapw32.exe
C:Program FilesBorlandDelphi4Bindelphi32.exe
C:WINXPsystem32cidaemon.exe
C:WINXPsystem32cidaemon.exe
C:WINXPsystem32cidaemon.exe
C:sirwebdemarragepilote.exe
C:SIRWEBscktsrvr.EXE
C:SIRWEButilitairesSirTask.EXE
C:Program FilesOutlook Expressmsimn.exe
C:WINXPsystem32taskmgr.exe
C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
C:WINXPsystem32cmd.exe
C:Program FilesBorlandDelphi4Bindelphi32.exe
C:WINXPSystem32NOTEPAD.EXE
D:downloadHijackthisHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = abou t:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://groups.google.fr/advanced_search?q=sqfsq&num=10&hl=fr&lr= &as_qdr=all&safe=images&
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.fr/advanced_search?hl=fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = abou t:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = abou t:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wa nadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C8 5} -
C:PROGRA~1WANADOOSEARCH~1.DLL
F2 - REG:system.ini: Shell=explorer.exe
O4 - HKLM..Run: [Ad-watch] C:Program FilesLavasoftAd-aware
6Ad-watch.exe
O4 - HKLM..Run: [SynTPLpr] C:Program FilesSynapticsSynTPSynTPLpr. exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh. exe
O4 - HKLM..Run: [TosHKCW.exe] "C:Program FilesTOSHIBAWireless
HotkeyTosHKCW.exe"
O4 - HKLM..Run: [TouchED] C:Program FilesTOSHIBATouchEDTouchED.Ex e
O4 - HKLM..Run: [TMESBS.EXE] C:Program FilesTOSHIBATME3TMESBS32.E XE
/Client
O4 - HKLM..Run: [TFncKy] TFncKy.exe /Type 28
O4 - HKLM..Run: [00THotkey] C:WINXPSystem32 0THotkey.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_02binjusched.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WANADOOWatch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WANADOOGestMaj.exe
TaskBarIcon.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initial ize
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe "
/background
O4 - HKCU..Run: [a-squared] "C:Program Filesa-squareda2guard.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:Program FilesLavasoftAd-aware
6Ad-watch.exe
O4 - Global Startup: Protection Auto de Norton AntiVirus.lnk = C:Pro gram
FilesNavntnavapw32.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk =
C:WINXPsystem32spooldriversw32x863E_SRCV03.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_02binnpjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINXPSystem32Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
C:Program FilesMicrosoft MoneySystemmnyviewer.dll
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra button: Messager Wanadoo -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo
Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo
Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {02607DF4-D40B-4FFB-B054-1CAC03468E28} (DNLCertificate Contr ol) -
http://www.fmn-media.com/campaigns/winpl/sites/pops/A001/DNLCertificate .ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.ca b
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Adva ntage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Playe r) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} -
http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/m ickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utili ty
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client /muweb_site.cab?1129711125514
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/ housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Contro l) -
http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega
DownloadManager) -
https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm
Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {CEDB9D83-ECE9-11D2-A369-6C4209C10000} (RnSMidi Control) -
http://www.musicalis.fr/v1/Cours/RnSMidi.cab
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl
Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposan t.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} -
http://akamai.downloadv3.com/binaries/IA/netpe32_FR_XP.cab
O17 -
HKLMSystemCCSServicesTcpip..{DFCCAA0B-3CB5-49A5-B9AD-C43475D5B0B1 }:
NameServer = 194.2.0.20
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O18 - Protocol: vskype - (no CLSID) - (no file)
O20 - Winlogon Notify: Hints - C:WINXPsystem32irj2l51o1.dll
O20 - Winlogon Notify: PCANotify - C:WINXPSYSTEM32PCANotify.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporatio n -
C:Program FilesSymantecpcAnywhereawhost32.exe
O23 - Service: Borland Remote Debugging Service
(BorlandRemoteDebuggingService) - Unknown owner - C:Program FilesFich iers
communsBorland SharedDebuggerborrdbg.exe
O23 - Service: DKW Heavy Industries VPN Adapter. Service (CIPE_Daemon) -
Unknown owner - C:WINXPSystem32cipsrvr.exe
O23 - Service: EpsonBidirectionalAgent - SEIKO EPSON CORPORATION -
C:Program FilesFichiers communsEPSONEBAPIeEBAgent.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINXPSystem32FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:Program FilesiPodbiniPodService.exe
O23 - Service: MySql - Unknown owner -
C:PROGRA~1EASYPH~1MySqlbinmysqld.exe
O23 - Service: NAV Alert - Symantec Corporation -
C:PROGRA~1Navntalertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation -
C:PROGRA~1Navntnavapsvc.exe
O23 - Service: Programmateur Norton (Norton Program Scheduler) - Symant ec
Corporation - C:PROGRA~1Navntnpssvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporatio n -
C:WINXPsystem32nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcap d) -
Unknown owner - %ProgramFiles%WinPcaprpcapd.exe" -d -f
"%ProgramFiles%WinPcaprpcapd.ini (file missing)
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) -
SafeNet, Inc - C:Program FilesFichiers communsSafeNet SentinelSenti nel
Protection ServerWinNTspnsrvnt.exe
O23 - Service: Pare-feu Windows / Partage de connexion Internet
(SharedAccess) - Unknown owner - C:WINXPC:WINXPSystem32svchost.exe
(file missing)
O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:Program
FilesTOSHIBATME3Tmesbs32.exe" /Service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel -
C:Program FilesInventelGatewaywlancfg.exe
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Logfile of HijackThis v1.99.1
Scan saved at 16:36:20, on 09/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINXPSystem32smss.exe
C:WINXPsystem32winlogon.exe
C:WINXPsystem32services.exe
C:WINXPsystem32lsass.exe
C:WINXPsystem32svchost.exe
C:WINXPSystem32svchost.exe
C:WINXPsystem32spoolsv.exe
C:WINXPsystem32rundll32.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:WINXPsystem32cisvc.exe
C:Program FilesFichiers communsEPSONEBAPIeEBAgent.exe
C:WINXPSystem32FTRTSVC.exe
C:WINXPsystem32inetsrvinetinfo.exe
C:PROGRA~1Navntnavapsvc.exe
C:WINXPsystem32nvsvc32.exe
C:Program FilesFichiers communsSafeNet SentinelSentinel Protection
ServerWinNTspnsrvnt.exe
C:WINXPSystem32svchost.exe
C:Program FilesTOSHIBATME3Tmesbs32.exe
C:WINXPsystem32wscntfy.exe
C:PROGRA~1Navntalertsvc.exe
C:WINXPexplorer.exe
C:Program FilesLavasoftAd-aware 6Ad-watch.exe
C:Program FilesSynapticsSynTPSynTPLpr.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesTOSHIBAWireless HotkeyTosHKCW.exe
C:Program FilesTOSHIBATouchEDTouchED.Exe
C:Program FilesTOSHIBATME3TMESBS32.EXE
C:Program FilesTOSHIBACommandes TOSHIBATFncKy.exe
C:WINXPSystem32 0THotkey.exe
C:Program FilesJavajre1.5.0_02binjusched.exe
C:Program FilesMicrosoft AntiSpywaregcasServ.exe
C:PROGRA~1WANADOOTaskBarIcon.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program Filesa-squareda2guard.exe
C:Program FilesNavntnavapw32.exe
C:Program FilesBorlandDelphi4Bindelphi32.exe
C:WINXPsystem32cidaemon.exe
C:WINXPsystem32cidaemon.exe
C:WINXPsystem32cidaemon.exe
C:sirwebdemarragepilote.exe
C:SIRWEBscktsrvr.EXE
C:SIRWEButilitairesSirTask.EXE
C:Program FilesOutlook Expressmsimn.exe
C:WINXPsystem32taskmgr.exe
C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
C:WINXPsystem32cmd.exe
C:Program FilesBorlandDelphi4Bindelphi32.exe
C:WINXPSystem32NOTEPAD.EXE
D:downloadHijackthisHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = abou t:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://groups.google.fr/advanced_search?q=sqfsq&num&hl=fr&lr= &as_qdr=all&safe=images&
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.fr/advanced_search?hl=fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = abou t:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = abou t:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wa nadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C8 5} -
C:PROGRA~1WANADOOSEARCH~1.DLL
F2 - REG:system.ini: Shell=explorer.exe
O4 - HKLM..Run: [Ad-watch] C:Program FilesLavasoftAd-aware
6Ad-watch.exe
O4 - HKLM..Run: [SynTPLpr] C:Program FilesSynapticsSynTPSynTPLpr. exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh. exe
O4 - HKLM..Run: [TosHKCW.exe] "C:Program FilesTOSHIBAWireless
HotkeyTosHKCW.exe"
O4 - HKLM..Run: [TouchED] C:Program FilesTOSHIBATouchEDTouchED.Ex e
O4 - HKLM..Run: [TMESBS.EXE] C:Program FilesTOSHIBATME3TMESBS32.E XE
/Client
O4 - HKLM..Run: [TFncKy] TFncKy.exe /Type 28
O4 - HKLM..Run: [00THotkey] C:WINXPSystem32 0THotkey.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program
FilesJavajre1.5.0_02binjusched.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WANADOOWatch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WANADOOGestMaj.exe
TaskBarIcon.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initial ize
O4 - HKLM..Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKCU..Run: [msnmsgr] "C:Program FilesMSN Messengermsnmsgr.exe "
/background
O4 - HKCU..Run: [a-squared] "C:Program Filesa-squareda2guard.exe"
O4 - Startup: Ad-watch 3.0.lnk = C:Program FilesLavasoftAd-aware
6Ad-watch.exe
O4 - Global Startup: Protection Auto de Norton AntiVirus.lnk = C:Pro gram
FilesNavntnavapw32.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program
FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(3).lnk =
C:WINXPsystem32spooldriversw32x863E_SRCV03.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_02binnpjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_02binnpjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:WINXPSystem32Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} -
C:Program FilesMicrosoft MoneySystemmnyviewer.dll
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra button: Messager Wanadoo -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo
Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:PROGRA~1WANADO~1Wanadoo
Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} -
http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {02607DF4-D40B-4FFB-B054-1CAC03468E28} (DNLCertificate Contr ol) -
http://www.fmn-media.com/campaigns/winpl/sites/pops/A001/DNLCertificate .ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient
Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.ca b
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Adva ntage
Validation Tool) - http://go.microsoft.com/fwlink/?linkidH835
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Playe r) -
http://www.cult3d.com/download/cult.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} -
http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall.info.apple.com/m ickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utili ty
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client /muweb_site.cab?1129711125514
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/ housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Contro l) -
http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega
DownloadManager) -
https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm
Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {CEDB9D83-ECE9-11D2-A369-6C4209C10000} (RnSMidi Control) -
http://www.musicalis.fr/v1/Cours/RnSMidi.cab
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl
Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposan t.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} -
http://akamai.downloadv3.com/binaries/IA/netpe32_FR_XP.cab
O17 -
HKLMSystemCCSServicesTcpip..{DFCCAA0B-3CB5-49A5-B9AD-C43475D5B0B1 }:
NameServer = 194.2.0.20
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O18 - Protocol: vskype - (no CLSID) - (no file)
O20 - Winlogon Notify: Hints - C:WINXPsystem32irj2l51o1.dll
O20 - Winlogon Notify: PCANotify - C:WINXPSYSTEM32PCANotify.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporatio n -
C:Program FilesSymantecpcAnywhereawhost32.exe
O23 - Service: Borland Remote Debugging Service
(BorlandRemoteDebuggingService) - Unknown owner - C:Program FilesFich iers
communsBorland SharedDebuggerborrdbg.exe
O23 - Service: DKW Heavy Industries VPN Adapter. Service (CIPE_Daemon) -
Unknown owner - C:WINXPSystem32cipsrvr.exe
O23 - Service: EpsonBidirectionalAgent - SEIKO EPSON CORPORATION -
C:Program FilesFichiers communsEPSONEBAPIeEBAgent.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France
Telecom - C:WINXPSystem32FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:Program FilesiPodbiniPodService.exe
O23 - Service: MySql - Unknown owner -
C:PROGRA~1EASYPH~1MySqlbinmysqld.exe
O23 - Service: NAV Alert - Symantec Corporation -
C:PROGRA~1Navntalertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation -
C:PROGRA~1Navntnavapsvc.exe
O23 - Service: Programmateur Norton (Norton Program Scheduler) - Symant ec
Corporation - C:PROGRA~1Navntnpssvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporatio n -
C:WINXPsystem32nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcap d) -
Unknown owner - %ProgramFiles%WinPcaprpcapd.exe" -d -f
"%ProgramFiles%WinPcaprpcapd.ini (file missing)
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) -
SafeNet, Inc - C:Program FilesFichiers communsSafeNet SentinelSenti nel
Protection ServerWinNTspnsrvnt.exe
O23 - Service: Pare-feu Windows / Partage de connexion Internet
(SharedAccess) - Unknown owner - C:WINXPC:WINXPSystem32svchost.exe
(file missing)
O23 - Service: Tmesbs32 (Tmesbs) - Unknown owner - C:Program
FilesTOSHIBATME3Tmesbs32.exe" /Service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel -
C:Program FilesInventelGatewaywlancfg.exe
Je me permets de poster ici le contenu du log.
Je me permets de poster ici le contenu du log.
Je me permets de poster ici le contenu du log.
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Logfile of HijackThis v1.99.1
Scan saved at 16:36:20, on 09/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
00THotkey.exe : à virer
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Logfile of HijackThis v1.99.1
Scan saved at 16:36:20, on 09/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
00THotkey.exe : à virer
Je me permets de poster ici le contenu du log.
Si quelqu'un y voit quelquechose de suspect merci de me l'indiquer.
Logfile of HijackThis v1.99.1
Scan saved at 16:36:20, on 09/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
00THotkey.exe : à virer
00THotkey.exe : à virer
Pas trop vite ...le nom est louche, mais vu le tas de truc dans la
liste, on dirais que c'est un PC toshiba, et ya un des gadget du
clavier plein de touche de chez Toshiba qui ressemble beaucoup à ça.
00THotkey.exe : à virer
Pas trop vite ...le nom est louche, mais vu le tas de truc dans la
liste, on dirais que c'est un PC toshiba, et ya un des gadget du
clavier plein de touche de chez Toshiba qui ressemble beaucoup à ça.
00THotkey.exe : à virer
Pas trop vite ...le nom est louche, mais vu le tas de truc dans la
liste, on dirais que c'est un PC toshiba, et ya un des gadget du
clavier plein de touche de chez Toshiba qui ressemble beaucoup à ça.