Fenetre surgissante
Résolu/Fermé
Utilisateur anonyme
-
27 août 2009 à 19:56
XaTon Messages postés 2041 Date d'inscription lundi 6 juillet 2009 Statut Membre Dernière intervention 22 janvier 2015 - 28 août 2009 à 10:22
XaTon Messages postés 2041 Date d'inscription lundi 6 juillet 2009 Statut Membre Dernière intervention 22 janvier 2015 - 28 août 2009 à 10:22
A voir également:
- Fenetre surgissante
- Raccourci agrandir fenetre - Guide
- Fenetre privée - Guide
- Fenêtre hors écran windows 11 - Guide
- La fenetre actuelle est trop petite pour afficher correctement cette feuille - Forum Google Docs
- Restaurer fenetre chrome - Guide
17 réponses
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
28 août 2009 à 10:16
28 août 2009 à 10:16
Pour ton probleme de pub , fait ceci :
> http://www.6ma.fr/tuto/adblock-plus-bloquer-les-publicites-sur-firefox/
> http://www.6ma.fr/tuto/adblock-plus-bloquer-les-publicites-sur-firefox/
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
27 août 2009 à 19:58
27 août 2009 à 19:58
Bonjour ,
Tu parle des fenêtre Pop up
Normalement , tu doit pas en avoir ...
Si des fenêtres surgisse intempestivement sur internet , tu est surement infecté
Tu parle des fenêtre Pop up
Normalement , tu doit pas en avoir ...
Si des fenêtres surgisse intempestivement sur internet , tu est surement infecté
Utilisateur anonyme
27 août 2009 à 20:10
27 août 2009 à 20:10
Oui mais defois ya des fenetre publicitaire (ca arrive) qui s'ouvre derriere notre fenetre actuelle (sit u vois ce que je veux dire...)
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
27 août 2009 à 20:26
27 août 2009 à 20:26
Si tu veut que l'ont regarde si tu est infecté ,
Fait ceci
~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~
- Telecharger Hijack
>http://www.infos-du-net.com/telecharger/HijackThis.html
Une fois Hijack installer, exécuter le :
- Cliquer sur "Do a system scan and save a logfile"
- Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le même dossier que hijackthis.exe .
- Faire édition / sélectionner tout
- Clic droit / copier
- Poste moi le rapport entier
Fait ceci
~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~
- Telecharger Hijack
>http://www.infos-du-net.com/telecharger/HijackThis.html
Une fois Hijack installer, exécuter le :
- Cliquer sur "Do a system scan and save a logfile"
- Un fichier texte s'ouvre, si ce n'est pas le cas celui-ci se trouve dans le même dossier que hijackthis.exe .
- Faire édition / sélectionner tout
- Clic droit / copier
- Poste moi le rapport entier
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
28 août 2009 à 09:28
28 août 2009 à 09:28
Mais je ne suis pas infecter , je viens de formater mon ordi ya quelque semaines !
Je suis sur que sur tout les ordi ça fait ça !
Je suis sur que sur tout les ordi ça fait ça !
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
28 août 2009 à 09:29
28 août 2009 à 09:29
Non
Lol
Est ce que ce sont des sites sur OuPah ?
Lol
Est ce que ce sont des sites sur OuPah ?
Utilisateur anonyme
28 août 2009 à 09:32
28 août 2009 à 09:32
Bon voila si tu veux :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:31:29, on 28/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\Alexandre\Mes documents\Application\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.76.22.110:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:31:29, on 28/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\Alexandre\Mes documents\Application\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.76.22.110:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
28 août 2009 à 09:37
28 août 2009 à 09:37
Je pense que tu est bien Infecté
Fait ceci :
~~~~~~~~~~~~~~~~> Virustotal <~~~~~~~~~~~~~~~~~~~
- Rends toi sur ce site :
> https://www.virustotal.com/gui/
- Clique sur parcourir et cherche ce fichier :C:\WINDOWS\tsnpstd3.exe
- Clique sur Send File.
- Un rapport va s'élaborer ligne à ligne.
- Attends la fin. Il doit comprendre la taille du fichier envoyé.
- Sauvegarde le rapport avec le bloc-note.
- Copie le dans ta réponse.
- Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant.
Fait ceci :
~~~~~~~~~~~~~~~~> Virustotal <~~~~~~~~~~~~~~~~~~~
- Rends toi sur ce site :
> https://www.virustotal.com/gui/
- Clique sur parcourir et cherche ce fichier :C:\WINDOWS\tsnpstd3.exe
- Clique sur Send File.
- Un rapport va s'élaborer ligne à ligne.
- Attends la fin. Il doit comprendre la taille du fichier envoyé.
- Sauvegarde le rapport avec le bloc-note.
- Copie le dans ta réponse.
- Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant.
Utilisateur anonyme
28 août 2009 à 09:53
28 août 2009 à 09:53
voila
Information additionnelle
File size: 270336 bytes
MD5 : 09b5359e63ef3202d22f2f60349e29fb
SHA1 : 2f717fac698875e56ab0513f54394efdcd6040a1
SHA256: 6e71fd8bcb5a8d6844f13e32420dba5b28118683992657b9803b306e6c766c8d
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xCA50
timedatestamp.....: 0x46296ABC (Sat Apr 21 03:37:00 2007)
machinetype.......: 0x14C (Intel I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x24F9B 0x25000 6.60 9a2c52c4743fca24dc5ec60a8283e760
.rdata 0x26000 0x96FE 0xA000 4.61 8ee0670a8953fb5aaf1157542ac0fa64
.data 0x30000 0x8528 0x5000 2.25 088c33d0e2fc72be89257d228a4b3760
.rsrc 0x39000 0xCE60 0xD000 5.33 a0bc0b3a525b1b410d65a817f550cab5
( 12 imports )
> advapi32.dll: RegCloseKey, RegQueryValueExA, RegCreateKeyExA, RegSetValueExA, RegOpenKeyExA
> comctl32.dll: ImageList_Destroy, -
> comdlg32.dll: GetFileTitleA
> gdi32.dll: ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, SetViewportExtEx, GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, GetMapMode, DPtoLP, GetTextColor, GetBkColor, LPtoDP, OffsetViewportOrgEx, SetViewportOrgEx, SetMapMode, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, PatBlt, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap
> kernel32.dll: HeapReAlloc, HeapSize, GetACP, GetTimeZoneInformation, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, RaiseException, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, HeapAlloc, GetProfileStringA, HeapFree, GetCommandLineA, GetStartupInfoA, TerminateProcess, ExitProcess, RtlUnwind, FormatMessageA, GetFileTime, GetFileSize, GetFileAttributesA, GetTickCount, FileTimeToLocalFileTime, FileTimeToSystemTime, GetFullPathNameA, GetVolumeInformationA, FindFirstFileA, FindClose, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, SetErrorMode, GetOEMCP, GetCPInfo, GetThreadLocale, SizeofResource, GetProcessVersion, WritePrivateProfileStringA, GlobalFlags, lstrcpynA, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalFree, LocalAlloc, MulDiv, SetLastError, MultiByteToWideChar, InterlockedDecrement, InterlockedIncrement, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, lstrlenA, CloseHandle, GetModuleFileNameA, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, lstrcpyW, WideCharToMultiByte, GetVersionExA, GetModuleHandleA, CreateMutexA, IsBadWritePtr, GetLastError
> ole32.dll: CoFreeUnusedLibraries, OleUninitialize, CoTaskMemAlloc, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID, CoTaskMemFree, CoCreateInstance, CoInitialize, CoUninitialize, CoRegisterMessageFilter, CoRevokeClassObject, OleFlushClipboard, OleIsCurrentClipboard, OleInitialize
> oleaut32.dll: -, -, -, -, -, -, -, -, -
> oledlg.dll: -
> olepro32.dll: -, -
> shell32.dll: Shell_NotifyIconA
> user32.dll: MessageBeep, InvalidateRect, CharUpperA, RegisterClipboardFormatA, PostThreadMessageA, SetFocus, AdjustWindowRectEx, ScreenToClient, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetMenuItemID, TrackPopupMenu, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetWindowLongA, OffsetRect, IntersectRect, GetNextDlgGroupItem, IsIconic, GetWindowPlacement, GetWindowRect, MapDialogRect, SetWindowPos, GetWindow, PtInRect, EndDialog, SetActiveWindow, IsWindow, GetSystemMetrics, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, CopyRect, GetClientRect, GetDC, ReleaseDC, GetMenuCheckMarkDimensions, GetMenuState, ModifyMenuA, CheckMenuItem, GetFocus, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, SetWindowsHookExA, GetParent, GetLastActivePopup, RegisterWindowMessageA, SetTimer, AppendMenuA, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, PostMessageA, SendMessageA, EnableWindow, LoadMenuA, GetSubMenu, GetCursorPos, LoadBitmapA, SetRect, CopyAcceleratorTableA, CharNextA, InflateRect, SystemParametersInfoA, GetSysColorBrush, RemoveMenu, EnableMenuItem, SetMenuItemBitmaps, SetForegroundWindow, LoadImageA, DestroyIcon, LoadStringA, FindWindowA, KillTimer, DefDlgProcA, IsWindowUnicode, GetSystemMenu, GetClassNameA, GetDesktopWindow, LoadCursorA, GrayStringA, DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, DestroyMenu, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, GetSysColor, UpdateWindow, SendDlgItemMessageA, GetNextDlgTabItem, SetWindowContextHelpId, MapWindowPoints, LoadIconA
> winspool.drv: ClosePrinter, DocumentPropertiesA, OpenPrinterA
( 0 exports )
TrID : File type identification
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
ThreatExpert: https://www.symantec.com?md5=09b5359e63ef3202d22f2f60349e29fb
Information additionnelle
File size: 270336 bytes
MD5 : 09b5359e63ef3202d22f2f60349e29fb
SHA1 : 2f717fac698875e56ab0513f54394efdcd6040a1
SHA256: 6e71fd8bcb5a8d6844f13e32420dba5b28118683992657b9803b306e6c766c8d
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xCA50
timedatestamp.....: 0x46296ABC (Sat Apr 21 03:37:00 2007)
machinetype.......: 0x14C (Intel I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x24F9B 0x25000 6.60 9a2c52c4743fca24dc5ec60a8283e760
.rdata 0x26000 0x96FE 0xA000 4.61 8ee0670a8953fb5aaf1157542ac0fa64
.data 0x30000 0x8528 0x5000 2.25 088c33d0e2fc72be89257d228a4b3760
.rsrc 0x39000 0xCE60 0xD000 5.33 a0bc0b3a525b1b410d65a817f550cab5
( 12 imports )
> advapi32.dll: RegCloseKey, RegQueryValueExA, RegCreateKeyExA, RegSetValueExA, RegOpenKeyExA
> comctl32.dll: ImageList_Destroy, -
> comdlg32.dll: GetFileTitleA
> gdi32.dll: ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, SetViewportExtEx, GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, GetMapMode, DPtoLP, GetTextColor, GetBkColor, LPtoDP, OffsetViewportOrgEx, SetViewportOrgEx, SetMapMode, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, PatBlt, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap
> kernel32.dll: HeapReAlloc, HeapSize, GetACP, GetTimeZoneInformation, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, RaiseException, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, HeapAlloc, GetProfileStringA, HeapFree, GetCommandLineA, GetStartupInfoA, TerminateProcess, ExitProcess, RtlUnwind, FormatMessageA, GetFileTime, GetFileSize, GetFileAttributesA, GetTickCount, FileTimeToLocalFileTime, FileTimeToSystemTime, GetFullPathNameA, GetVolumeInformationA, FindFirstFileA, FindClose, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, SetErrorMode, GetOEMCP, GetCPInfo, GetThreadLocale, SizeofResource, GetProcessVersion, WritePrivateProfileStringA, GlobalFlags, lstrcpynA, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalFree, LocalAlloc, MulDiv, SetLastError, MultiByteToWideChar, InterlockedDecrement, InterlockedIncrement, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, lstrlenA, CloseHandle, GetModuleFileNameA, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, lstrcpyW, WideCharToMultiByte, GetVersionExA, GetModuleHandleA, CreateMutexA, IsBadWritePtr, GetLastError
> ole32.dll: CoFreeUnusedLibraries, OleUninitialize, CoTaskMemAlloc, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID, CoTaskMemFree, CoCreateInstance, CoInitialize, CoUninitialize, CoRegisterMessageFilter, CoRevokeClassObject, OleFlushClipboard, OleIsCurrentClipboard, OleInitialize
> oleaut32.dll: -, -, -, -, -, -, -, -, -
> oledlg.dll: -
> olepro32.dll: -, -
> shell32.dll: Shell_NotifyIconA
> user32.dll: MessageBeep, InvalidateRect, CharUpperA, RegisterClipboardFormatA, PostThreadMessageA, SetFocus, AdjustWindowRectEx, ScreenToClient, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetMenuItemID, TrackPopupMenu, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetWindowLongA, OffsetRect, IntersectRect, GetNextDlgGroupItem, IsIconic, GetWindowPlacement, GetWindowRect, MapDialogRect, SetWindowPos, GetWindow, PtInRect, EndDialog, SetActiveWindow, IsWindow, GetSystemMetrics, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, CopyRect, GetClientRect, GetDC, ReleaseDC, GetMenuCheckMarkDimensions, GetMenuState, ModifyMenuA, CheckMenuItem, GetFocus, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, SetWindowsHookExA, GetParent, GetLastActivePopup, RegisterWindowMessageA, SetTimer, AppendMenuA, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, PostMessageA, SendMessageA, EnableWindow, LoadMenuA, GetSubMenu, GetCursorPos, LoadBitmapA, SetRect, CopyAcceleratorTableA, CharNextA, InflateRect, SystemParametersInfoA, GetSysColorBrush, RemoveMenu, EnableMenuItem, SetMenuItemBitmaps, SetForegroundWindow, LoadImageA, DestroyIcon, LoadStringA, FindWindowA, KillTimer, DefDlgProcA, IsWindowUnicode, GetSystemMenu, GetClassNameA, GetDesktopWindow, LoadCursorA, GrayStringA, DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, DestroyMenu, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, GetSysColor, UpdateWindow, SendDlgItemMessageA, GetNextDlgTabItem, SetWindowContextHelpId, MapWindowPoints, LoadIconA
> winspool.drv: ClosePrinter, DocumentPropertiesA, OpenPrinterA
( 0 exports )
TrID : File type identification
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
ThreatExpert: https://www.symantec.com?md5=09b5359e63ef3202d22f2f60349e29fb
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
28 août 2009 à 09:55
28 août 2009 à 09:55
Il manque la partie principale du rapport
Utilisateur anonyme
28 août 2009 à 09:56
28 août 2009 à 09:56
Je remet tout :D
a-squared 4.5.0.24 2009.08.28 -
AhnLab-V3 5.0.0.2 2009.08.27 -
AntiVir 7.9.1.7 2009.08.28 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.28 -
Avast 4.8.1335.0 2009.08.27 -
AVG 8.5.0.406 2009.08.27 -
BitDefender 7.2 2009.08.28 -
CAT-QuickHeal 10.00 2009.08.27 -
ClamAV 0.94.1 2009.08.28 -
Comodo 2116 2009.08.28 -
DrWeb 5.0.0.12182 2009.08.28 -
eSafe 7.0.17.0 2009.08.27 -
eTrust-Vet 31.6.6705 2009.08.27 -
F-Prot 4.5.1.85 2009.08.27 -
F-Secure 8.0.14470.0 2009.08.28 -
Fortinet 3.120.0.0 2009.08.28 -
GData 19 2009.08.28 -
Ikarus T3.1.1.68.0 2009.08.28 -
Jiangmin 11.0.800 2009.08.28 -
K7AntiVirus 7.10.829 2009.08.27 -
Kaspersky 7.0.0.125 2009.08.28 -
McAfee 5722 2009.08.27 -
McAfee+Artemis 5722 2009.08.27 -
McAfee-GW-Edition 6.8.5 2009.08.28 -
Microsoft 1.5005 2009.08.28 -
NOD32 4375 2009.08.28 -
Norman 2009.08.27 -
nProtect 2009.1.8.0 2009.08.27 -
Panda 10.0.2.2 2009.08.28 -
PCTools 4.4.2.0 2009.08.27 -
Prevx 3.0 2009.08.28 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.45.0 2009.08.28 -
Sunbelt 3.2.1858.2 2009.08.27 -
Symantec 1.4.4.12 2009.08.28 -
TheHacker 6.3.4.3.389 2009.08.27 -
TrendMicro 8.950.0.1094 2009.08.28 -
VBA32 3.12.10.10 2009.08.28 -
ViRobot 2009.8.28.1906 2009.08.28 -
VirusBuster 4.6.5.0 2009.08.28 -
Information additionnelle
File size: 270336 bytes
MD5...: 09b5359e63ef3202d22f2f60349e29fb
SHA1..: 2f717fac698875e56ab0513f54394efdcd6040a1
SHA256: 6e71fd8bcb5a8d6844f13e32420dba5b28118683992657b9803b306e6c766c8d
ssdeep: 3072:6qKYVaQzwF/e7iWeeKfI2xQZEqUgq4YsBrx4ena4vQp98+v0/tocDJSM76K
FAd:Q7eKfgEL4YsBr3ip9SUMeT
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xca50
timedatestamp.....: 0x46296abc (Sat Apr 21 01:37:00 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x24f9b 0x25000 6.60 9a2c52c4743fca24dc5ec60a8283e760
.rdata 0x26000 0x96fe 0xa000 4.61 8ee0670a8953fb5aaf1157542ac0fa64
.data 0x30000 0x8528 0x5000 2.25 088c33d0e2fc72be89257d228a4b3760
.rsrc 0x39000 0xce60 0xd000 5.33 a0bc0b3a525b1b410d65a817f550cab5
( 12 imports )
> KERNEL32.dll: HeapReAlloc, HeapSize, GetACP, GetTimeZoneInformation, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, RaiseException, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, HeapAlloc, GetProfileStringA, HeapFree, GetCommandLineA, GetStartupInfoA, TerminateProcess, ExitProcess, RtlUnwind, FormatMessageA, GetFileTime, GetFileSize, GetFileAttributesA, GetTickCount, FileTimeToLocalFileTime, FileTimeToSystemTime, GetFullPathNameA, GetVolumeInformationA, FindFirstFileA, FindClose, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, SetErrorMode, GetOEMCP, GetCPInfo, GetThreadLocale, SizeofResource, GetProcessVersion, WritePrivateProfileStringA, GlobalFlags, lstrcpynA, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalFree, LocalAlloc, MulDiv, SetLastError, MultiByteToWideChar, InterlockedDecrement, InterlockedIncrement, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, lstrlenA, CloseHandle, GetModuleFileNameA, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, lstrcpyW, WideCharToMultiByte, GetVersionExA, GetModuleHandleA, CreateMutexA, IsBadWritePtr, GetLastError
> USER32.dll: MessageBeep, InvalidateRect, CharUpperA, RegisterClipboardFormatA, PostThreadMessageA, SetFocus, AdjustWindowRectEx, ScreenToClient, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetMenuItemID, TrackPopupMenu, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetWindowLongA, OffsetRect, IntersectRect, GetNextDlgGroupItem, IsIconic, GetWindowPlacement, GetWindowRect, MapDialogRect, SetWindowPos, GetWindow, PtInRect, EndDialog, SetActiveWindow, IsWindow, GetSystemMetrics, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, CopyRect, GetClientRect, GetDC, ReleaseDC, GetMenuCheckMarkDimensions, GetMenuState, ModifyMenuA, CheckMenuItem, GetFocus, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, SetWindowsHookExA, GetParent, GetLastActivePopup, RegisterWindowMessageA, SetTimer, AppendMenuA, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, PostMessageA, SendMessageA, EnableWindow, LoadMenuA, GetSubMenu, GetCursorPos, LoadBitmapA, SetRect, CopyAcceleratorTableA, CharNextA, InflateRect, SystemParametersInfoA, GetSysColorBrush, RemoveMenu, EnableMenuItem, SetMenuItemBitmaps, SetForegroundWindow, LoadImageA, DestroyIcon, LoadStringA, FindWindowA, KillTimer, DefDlgProcA, IsWindowUnicode, GetSystemMenu, GetClassNameA, GetDesktopWindow, LoadCursorA, GrayStringA, DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, DestroyMenu, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, GetSysColor, UpdateWindow, SendDlgItemMessageA, GetNextDlgTabItem, SetWindowContextHelpId, MapWindowPoints, LoadIconA
> GDI32.dll: ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, SetViewportExtEx, GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, GetMapMode, DPtoLP, GetTextColor, GetBkColor, LPtoDP, OffsetViewportOrgEx, SetViewportOrgEx, SetMapMode, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, PatBlt, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> ADVAPI32.dll: RegCloseKey, RegQueryValueExA, RegCreateKeyExA, RegSetValueExA, RegOpenKeyExA
> SHELL32.dll: Shell_NotifyIconA
> COMCTL32.dll: ImageList_Destroy, -
> oledlg.dll: -
> ole32.dll: CoFreeUnusedLibraries, OleUninitialize, CoTaskMemAlloc, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID, CoTaskMemFree, CoCreateInstance, CoInitialize, CoUninitialize, CoRegisterMessageFilter, CoRevokeClassObject, OleFlushClipboard, OleIsCurrentClipboard, OleInitialize
> OLEPRO32.DLL: -, -
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=09b5359e63ef3202d22f2f60349e29fb' target='_blank'>https://www.symantec.com?md5=09b5359e63ef3202d22f2f60349e29fb</a>
a-squared 4.5.0.24 2009.08.28 -
AhnLab-V3 5.0.0.2 2009.08.27 -
AntiVir 7.9.1.7 2009.08.28 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.28 -
Avast 4.8.1335.0 2009.08.27 -
AVG 8.5.0.406 2009.08.27 -
BitDefender 7.2 2009.08.28 -
CAT-QuickHeal 10.00 2009.08.27 -
ClamAV 0.94.1 2009.08.28 -
Comodo 2116 2009.08.28 -
DrWeb 5.0.0.12182 2009.08.28 -
eSafe 7.0.17.0 2009.08.27 -
eTrust-Vet 31.6.6705 2009.08.27 -
F-Prot 4.5.1.85 2009.08.27 -
F-Secure 8.0.14470.0 2009.08.28 -
Fortinet 3.120.0.0 2009.08.28 -
GData 19 2009.08.28 -
Ikarus T3.1.1.68.0 2009.08.28 -
Jiangmin 11.0.800 2009.08.28 -
K7AntiVirus 7.10.829 2009.08.27 -
Kaspersky 7.0.0.125 2009.08.28 -
McAfee 5722 2009.08.27 -
McAfee+Artemis 5722 2009.08.27 -
McAfee-GW-Edition 6.8.5 2009.08.28 -
Microsoft 1.5005 2009.08.28 -
NOD32 4375 2009.08.28 -
Norman 2009.08.27 -
nProtect 2009.1.8.0 2009.08.27 -
Panda 10.0.2.2 2009.08.28 -
PCTools 4.4.2.0 2009.08.27 -
Prevx 3.0 2009.08.28 -
Rising 21.44.11.00 2009.08.25 -
Sophos 4.45.0 2009.08.28 -
Sunbelt 3.2.1858.2 2009.08.27 -
Symantec 1.4.4.12 2009.08.28 -
TheHacker 6.3.4.3.389 2009.08.27 -
TrendMicro 8.950.0.1094 2009.08.28 -
VBA32 3.12.10.10 2009.08.28 -
ViRobot 2009.8.28.1906 2009.08.28 -
VirusBuster 4.6.5.0 2009.08.28 -
Information additionnelle
File size: 270336 bytes
MD5...: 09b5359e63ef3202d22f2f60349e29fb
SHA1..: 2f717fac698875e56ab0513f54394efdcd6040a1
SHA256: 6e71fd8bcb5a8d6844f13e32420dba5b28118683992657b9803b306e6c766c8d
ssdeep: 3072:6qKYVaQzwF/e7iWeeKfI2xQZEqUgq4YsBrx4ena4vQp98+v0/tocDJSM76K
FAd:Q7eKfgEL4YsBr3ip9SUMeT
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xca50
timedatestamp.....: 0x46296abc (Sat Apr 21 01:37:00 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x24f9b 0x25000 6.60 9a2c52c4743fca24dc5ec60a8283e760
.rdata 0x26000 0x96fe 0xa000 4.61 8ee0670a8953fb5aaf1157542ac0fa64
.data 0x30000 0x8528 0x5000 2.25 088c33d0e2fc72be89257d228a4b3760
.rsrc 0x39000 0xce60 0xd000 5.33 a0bc0b3a525b1b410d65a817f550cab5
( 12 imports )
> KERNEL32.dll: HeapReAlloc, HeapSize, GetACP, GetTimeZoneInformation, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, RaiseException, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, CompareStringA, CompareStringW, SetEnvironmentVariableA, HeapAlloc, GetProfileStringA, HeapFree, GetCommandLineA, GetStartupInfoA, TerminateProcess, ExitProcess, RtlUnwind, FormatMessageA, GetFileTime, GetFileSize, GetFileAttributesA, GetTickCount, FileTimeToLocalFileTime, FileTimeToSystemTime, GetFullPathNameA, GetVolumeInformationA, FindFirstFileA, FindClose, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileA, GetCurrentProcess, DuplicateHandle, SetErrorMode, GetOEMCP, GetCPInfo, GetThreadLocale, SizeofResource, GetProcessVersion, WritePrivateProfileStringA, GlobalFlags, lstrcpynA, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalFree, LocalAlloc, MulDiv, SetLastError, MultiByteToWideChar, InterlockedDecrement, InterlockedIncrement, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, lstrcpyA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, lstrlenA, CloseHandle, GetModuleFileNameA, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, lstrcpyW, WideCharToMultiByte, GetVersionExA, GetModuleHandleA, CreateMutexA, IsBadWritePtr, GetLastError
> USER32.dll: MessageBeep, InvalidateRect, CharUpperA, RegisterClipboardFormatA, PostThreadMessageA, SetFocus, AdjustWindowRectEx, ScreenToClient, GetTopWindow, IsChild, GetCapture, WinHelpA, wsprintfA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetMenuItemID, TrackPopupMenu, GetWindowTextLengthA, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetWindowLongA, OffsetRect, IntersectRect, GetNextDlgGroupItem, IsIconic, GetWindowPlacement, GetWindowRect, MapDialogRect, SetWindowPos, GetWindow, PtInRect, EndDialog, SetActiveWindow, IsWindow, GetSystemMetrics, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, CopyRect, GetClientRect, GetDC, ReleaseDC, GetMenuCheckMarkDimensions, GetMenuState, ModifyMenuA, CheckMenuItem, GetFocus, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, SetWindowsHookExA, GetParent, GetLastActivePopup, RegisterWindowMessageA, SetTimer, AppendMenuA, UnregisterClassA, HideCaret, ShowCaret, ExcludeUpdateRgn, DrawFocusRect, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, PostMessageA, SendMessageA, EnableWindow, LoadMenuA, GetSubMenu, GetCursorPos, LoadBitmapA, SetRect, CopyAcceleratorTableA, CharNextA, InflateRect, SystemParametersInfoA, GetSysColorBrush, RemoveMenu, EnableMenuItem, SetMenuItemBitmaps, SetForegroundWindow, LoadImageA, DestroyIcon, LoadStringA, FindWindowA, KillTimer, DefDlgProcA, IsWindowUnicode, GetSystemMenu, GetClassNameA, GetDesktopWindow, LoadCursorA, GrayStringA, DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, DestroyMenu, ShowWindow, MoveWindow, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, GetSysColor, UpdateWindow, SendDlgItemMessageA, GetNextDlgTabItem, SetWindowContextHelpId, MapWindowPoints, LoadIconA
> GDI32.dll: ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, DeleteObject, SetViewportExtEx, GetDeviceCaps, GetViewportExtEx, GetWindowExtEx, CreateSolidBrush, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, GetMapMode, DPtoLP, GetTextColor, GetBkColor, LPtoDP, OffsetViewportOrgEx, SetViewportOrgEx, SetMapMode, SetBkMode, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectA, SetBkColor, SetTextColor, GetClipBox, PatBlt, CreateDIBitmap, GetTextExtentPointA, BitBlt, CreateCompatibleDC, CreateBitmap
> comdlg32.dll: GetFileTitleA
> WINSPOOL.DRV: ClosePrinter, DocumentPropertiesA, OpenPrinterA
> ADVAPI32.dll: RegCloseKey, RegQueryValueExA, RegCreateKeyExA, RegSetValueExA, RegOpenKeyExA
> SHELL32.dll: Shell_NotifyIconA
> COMCTL32.dll: ImageList_Destroy, -
> oledlg.dll: -
> ole32.dll: CoFreeUnusedLibraries, OleUninitialize, CoTaskMemAlloc, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CLSIDFromString, CLSIDFromProgID, CoTaskMemFree, CoCreateInstance, CoInitialize, CoUninitialize, CoRegisterMessageFilter, CoRevokeClassObject, OleFlushClipboard, OleIsCurrentClipboard, OleInitialize
> OLEPRO32.DLL: -, -
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=09b5359e63ef3202d22f2f60349e29fb' target='_blank'>https://www.symantec.com?md5=09b5359e63ef3202d22f2f60349e29fb</a>
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
28 août 2009 à 09:59
28 août 2009 à 09:59
Coche cette ligne , et clic sur Fixcheked
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
28 août 2009 à 10:09
28 août 2009 à 10:09
Je n'ai rien trouvé d'autre ...
Refait un log Hijack
Refait un log Hijack
Utilisateur anonyme
28 août 2009 à 10:14
28 août 2009 à 10:14
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:23, on 28/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe
C:\Documents and Settings\Alexandre\Mes documents\Application\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.76.22.110:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Scan saved at 10:14:23, on 28/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe
C:\Documents and Settings\Alexandre\Mes documents\Application\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.76.22.110:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Utilisateur anonyme
28 août 2009 à 10:19
28 août 2009 à 10:19
J'avais deja essayer mais je le reessaye , merci pour ton aide precieuse !
A bientot !
A bientot !
XaTon
Messages postés
2041
Date d'inscription
lundi 6 juillet 2009
Statut
Membre
Dernière intervention
22 janvier 2015
208
28 août 2009 à 10:22
28 août 2009 à 10:22
Derien
a+
a+
