All that, all that!!

Guest
Hi ma poule, here is what's going on in my PC, if you can help me.


Logfile of HijackThis v1.99.1
Scan saved at 20:34:53, on 31/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\e-Carte Bleue\Caisse Epargne\Ma e-Carte Bleue\ECB-CDE.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Razer\razertra.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Gene6 FTP Server\G6FTPTray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
D:\PocoMail3\Poco.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\Rar$EX01.907\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.nkqnnqbibhicifhlz.com/Ccv_ ... nnZzvNz3HbAb3ng8xaKY.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pncawygmiaonpyicfa.net/Ccv ... WJc7hJDM86CnFKUrvTO5Y.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Cram Toolbar - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\Cram Toolbar\untitled.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (disabled by BHODemon)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTB00429 - {1395A06F-EEA0-4445-BA0C-E8B56B48E244} - C:\PROGRA~1\CRAMTO~1\untitled.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {B0BEE31D-6EB0-5945-1ECD-CDBA1AAF2E38} - C:\DOCUME~1\GUILLA~1\APPLIC~1\GLOBAL~1\Itch bike.exe
O2 - BHO: (no name) - {C56897FD-45FC-37D9-0AAA-3FCF0FEA8480} - C:\DOCUME~1\GUILLA~1\APPLIC~1\GLOBAL~1\Itch bike.exe (disabled by BHODemon)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: Cram Toolbar - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\Cram Toolbar\untitled.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [eCarteBleue-CDE-P3] C:\Program Files\e-Carte Bleue\Caisse Epargne\Ma e-Carte Bleue\ECB-CDE.exe /dontopenmycards
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [razertra] C:\Program Files\Razer\razertra.exe
O4 - HKLM\..\Run: [2 htm keep delete] C:\Documents and Settings\All Users\Application Data\BoobJugs2Htm\SOAPHECK.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [vcproccoalshow] C:\Documents and Settings\All Users\Application Data\loglistvcproc\Defy Third.exe
O4 - HKCU\..\Run: [G6FTP Server Tray Monitor] "C:\Program Files\Gene6 FTP Server\G6FTPTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [chicview] C:\DOCUME~1\GUILLA~1\APPLIC~1\FILEMO~1\Savecake.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/FR/install.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Sh ... ontent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activ ... UWALControl_v1-0-3-17.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com ... eb_site.cab?1095530775000
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Sh ... tent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{96233D4E-8E30-4DCB-9FBD-FE8DF59AD140}: NameServer = 192.168.1.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Service Elève pcAnywhere (awhost32) - Unknown owner - C:\Program Files\Symantec\pcAnywhere\awhost32.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Gene6 FTP Server (G6FTPServer) - Gene6 - C:\Program Files\Gene6 FTP Server\G6FTPSERVER.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

Thanks.
See you

Posted on: 31/10/2005 20:54
Re: All that, all that!!
Joined: 12/07/2002 08:37
From: France
Group: webmaster
Webmaster
Posts: 13945
To start with, if you use MSN Messenger and not Messenger, remove these (tick them):
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

Two pieces of "crap" in Internet Explorer:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.nkqnnqbibhicifhlz.com/Ccv_ ... nnZzvNz3HbAb3ng8xaKY.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pncawygmiaonpyicfa.net/Ccv ... WJc7hJDM86CnFKUrvTO5Y.htm

Next:
R3 - URLSearchHook: Cram Toolbar - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\Cram Toolbar\untitled.dll
O2 - BHO: XBTB00429 - {1395A06F-EEA0-4445-BA0C-E8B56B48E244} - C:\PROGRA~1\CRAMTO~1\untitled.dll
O2 - BHO: (no name) - {B0BEE31D-6EB0-5945-1ECD-CDBA1AAF2E38} - C:\DOCUME~1\GUILLA~1\APPLIC~1\GLOBAL~1\Itch bike.exe
O2 - BHO: (no name) - {C56897FD-45FC-37D9-0AAA-3FCF0FEA8480} - C:\DOCUME~1\GUILLA~1\APPLIC~1\GLOBAL~1\Itch bike.exe (disabled by BHODemon)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll (file missing)
O3 - Toolbar: Cram Toolbar - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - C:\Program Files\Cram Toolbar\untitled.dll
O4 - HKLM\..\Run: [2 htm keep delete] C:\Documents and Settings\All Users\Application Data\BoobJugs2Htm\SOAPHECK.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

Then a good antispyware pass (Microsoft and Ad-Aware, for example).
And sign your message, since you must know me: only those who know me know that I say "ma poule".

Posted on: 01/11/2005 09:12
When you point at the moon, the fool looks at the finger.
Re: All that, all that!!
Joined: 15/01/2004 12:30
Group: Registered Users
The latest arrival
Posts: 5
Thanks for your reply.
See you soon.
Guilla_me

Posted on: 02/11/2005 11:54