Screen + mouse frozen

coco
Hello,

for some time now my PC has been freezing

how do I paste my HijackThis report here
thanks
Configuration: Windows XP
Internet Explorer 7.0

6 replies

  1. ^^Marie^^
     
    Hello

    Why did you use ComboFix?

    • Download ToolsCleaner by A.Rothstein to your Desktop (from one of the 2 links).
    http://pc-system.fr/
    http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
    • Click Recherche (Search) and let the scan finish.
    • Click Suppression (Removal) to finalize.
    • You can, if you wish, use the Options facultatives (optional settings).
    • Click Quitter (Quit) so that the report can be created.
    • Post me the report (TCleaner.txt), which is at the root of your hard drive (C:\).

    + 1 HijackThis log

  2. coco
     
    ComboFix 09-01-21.04 - CORYNE 2009-01-25 18:23:58.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.767.309 [GMT 1:00]
    Lancé depuis: c:\documents and settings\CORYNE\Bureau\killbagle.exe
    AV: avast! antivirus 4.8.1296 [VPS 090125-0] *On-access scanning disabled* (Updated)
    * Un nouveau point de restauration a été créé

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\CORYNE\Application Data\inst.exe
    c:\program files\FunWebProducts
    c:\program files\MyWebSearch
    c:\program files\MyWebSearch\bar\History\search3
    c:\program files\MyWebSearch\bar\Settings\s_pid.dat
    c:\windows\system32\_000007_.tmp.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_BOONTY_GAMES
    -------\Service_Boonty Games

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-25 au 2009-01-25 ))))))))))))))))))))))))))))))))))))
    .

    2009-01-09 20:58 . 2009-01-24 00:27 <REP> d-------- c:\documents and settings\Les garçons\Tracing
    2009-01-09 20:58 . 2009-01-24 00:27 <REP> d-------- c:\documents and settings\Les garçons\Tracing
    2008-12-30 18:34 . 2008-12-30 18:34 <REP> d-------- c:\program files\MSN Reaper
    2008-12-25 10:27 . 2008-12-25 10:41 <REP> d----c--- c:\documents and settings\CORYNE\Application Data\MP-Manager
    2008-12-25 10:24 . 2008-12-25 10:24 <REP> d-------- c:\program files\MPMAN

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-01-25 17:30 --------- dc----w c:\documents and settings\CORYNE\Application Data\DNA
    2009-01-25 17:30 --------- d-----w c:\program files\DNA
    2009-01-25 17:13 --------- dc----w c:\documents and settings\CORYNE\Application Data\uTorrent
    2009-01-25 11:37 --------- dc----w c:\documents and settings\All Users\Application Data\Google Updater
    2009-01-25 09:58 --------- dc----w c:\documents and settings\CORYNE\Application Data\dvdcss
    2009-01-23 09:26 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-23 09:26 --------- d-----w c:\program files\Netropa
    2009-01-23 09:26 --------- d-----w c:\program files\Google
    2009-01-06 09:51 --------- dc----w c:\documents and settings\CORYNE\Application Data\Image Zone Express
    2008-12-31 10:12 --------- dc----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-31 08:58 --------- d-----w c:\program files\Spybot - Search & Destroy
    2008-12-27 13:50 --------- d-----w c:\program files\COCO PERSO
    2008-12-19 16:07 --------- d-----w c:\program files\Microsoft Silverlight
    2008-12-19 16:07 --------- d-----w c:\program files\Microsoft
    2008-12-19 16:06 --------- d-----w c:\program files\Windows Live
    2008-12-19 16:06 --------- d-----w c:\program files\Microsoft Sync Framework
    2008-12-19 16:00 --------- d-----w c:\program files\Windows Live SkyDrive
    2008-12-19 15:49 --------- d-----w c:\program files\Fichiers communs\Windows Live
    2008-12-18 12:31 --------- d-----w c:\program files\IncrediMail
    2008-12-13 15:10 --------- d-----w c:\documents and settings\Les garçons\Application Data\vlc
    2008-12-13 15:05 --------- d-----w c:\documents and settings\Les garçons\Application Data\dvdcss
    2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
    2008-12-08 16:01 55,136 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
    2008-12-07 12:31 --------- dc----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
    2008-12-04 23:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
    2008-12-04 13:00 --------- dc----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
    2008-12-04 12:15 --------- d-----w c:\program files\Java
    2008-11-27 09:24 43,648 -c--a-w c:\documents and settings\CORYNE\Application Data\GDIPFONTCACHEV1.DAT
    2008-11-27 07:57 --------- d-----w c:\program files\Astonsoft
    2008-11-26 09:04 --------- dc----w c:\documents and settings\CORYNE\Application Data\Canneverbe_Limited
    2008-11-09 17:58 12,959,232 -c--a-w C:\7582_Eval.exe
    2008-04-19 08:22 47,360 -c--a-w c:\documents and settings\CORYNE\Application Data\pcouffin.sys
    2008-03-15 16:35 0 -c--a-w c:\program files\temp01
    2008-07-21 16:43 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008072120080722\index.dat
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-27 68856]
    "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-11-05 4347120]
    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-16 342848]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" [X]
    "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
    "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 397312]
    "AspireService"="c:\program files\Acer\Acer eMode Management\AspireService.exe" [2005-09-29 114688]
    "MediaSync"="c:\program files\Acer\Acer eConsole\MediaSync.exe" [2005-09-21 425984]
    "MULTIMEDIA KEYBOARD"="c:\program files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-01-17 147456]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
    "Canal Widget"="c:\program files\Canal\Canal Widget\Launcher.exe" [2008-12-17 105528]
    "LogProtect"="c:\program files\LogProtect\logprotect.exe" [2006-06-20 2348544]
    "Motive SmartBridge"="c:\progra~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe" [2006-04-21 438359]
    "Pense-bête"="c:\program files\AXEL\Pense-bête\pensebet.exe" [2002-06-10 972800]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 c:\windows\RTHDCPL.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]
    Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
    LE COMPAGNON CLUB.lnk - c:\program files\Club-Internet\LE COMPAGNON CLUB\bin\matcli.exe [2008-09-08 217088]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
    "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
    "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\DNA\\btdna.exe"=
    "c:\\Program Files\\BitTorrent\\bittorrent.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "9383:TCP"= 9383:TCP:BitComet 9383 TCP
    "9383:UDP"= 9383:UDP:BitComet 9383 UDP

    R0 m5287;m5287;c:\windows\system32\drivers\m5287.sys [2005-02-05 85888]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-22 111184]
    R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2008-03-17 6656]
    R3 P1120VID;Creative WebCam NX Ultra;c:\windows\system32\drivers\P1120Vid.sys [2004-01-12 1252474]
    R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-07-22 20560]
    R4 CanalPlus.VOD;CanalPlus.VOD;c:\program files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-03 61440]
    R4 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2008-12-19 55136]
    R4 nhksrv;Netropa NHK Server;c:\program files\Netropa\Multimedia Keyboard\nhksrv.exe [2008-03-17 28672]
    R4 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
    S3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
    S3 w200bus;Sony Ericsson W200 driver (WDM);c:\windows\system32\drivers\w200bus.sys [2008-03-28 61504]
    S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;c:\windows\system32\drivers\w200mdfl.sys [2008-03-28 9328]
    S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;c:\windows\system32\drivers\w200mdm.sys [2008-03-28 97056]
    S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\w200mgmt.sys [2008-03-28 88560]
    S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;c:\windows\system32\drivers\w200obex.sys [2008-03-28 86368]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9a655066-d265-11dd-a84d-0016ecc26f77}]
    \Shell\Auto\command - cmd /C launch.bat
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    HKCU-Run-Cld2000.exe - c:\program files\Calendrier\Cld2000.exe
    HKCU-RunOnce-TONLFR - c:\program files\club-internet\LE COMPAGNON CLUB\SmartBridge\DExec.exe
    HKLM-Run-Agendatronic Alarm - c:\progra~1\RIBMON~1\AGENDA~1\AlarmClock\AlarmClock.exe
    HKLM-Run-PlatriumWeather - c:\program files\Platrium\bin\1.2.103.0\Weather.exe

    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
    mStart Page = hxxp://fr.yahoo.com
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = 127.0.0.1
    uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
    DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-01-25 18:31:44
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(700)
    c:\windows\system32\Ati2evxx.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\Acer\Acer eConsole\MediaServerService.exe
    c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\windows\system32\wbem\wmiapsrv.exe
    c:\windows\system32\ati2evxx.exe
    c:\program files\Netropa\Multimedia Keyboard\Traymon.exe
    c:\program files\Netropa\Onscreen Display\osd.exe
    c:\program files\LogProtect\lpwchdg.exe
    c:\program files\Club-Internet\LE COMPAGNON CLUB\bin\mpbtn.exe
    c:\program files\HP\Digital Imaging\bin\hpqste08.exe
    c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-01-25 18:34:17 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-01-25 17:34:14

    Avant-CF: 39 817 891 840 octets libres
    Après-CF: 41,501,720,576 octets libres

    209 --- E O F --- 2009-01-23 23:29:34
  3. coco
     
    [ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

    -->- Recherche:

    C:\Combofix.txt: trouvé !
    C:\cleannavi.txt: trouvé !
    C:\Qoobox: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\HijackThis.exe: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\hijackthis.log: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Msnfix.zip: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1.lnk: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\hijackthis.log: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\MsnFix: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\MSNFix\MsnFix: trouvé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1\Navilog1.exe: trouvé !
    C:\Documents and Settings\CORYNE\Mes documents\msnfix.txt: trouvé !
    C:\Documents and Settings\CORYNE\Recent\MSNFix.lnk: trouvé !
    C:\Program Files\Navilog1: trouvé !
    C:\Program Files\Navilog1\Navilog1.bat: trouvé !
    C:\WINDOWS\msnfix.txt: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\HijackThis.exe: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Msnfix.zip: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1.lnk: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1\Navilog1.exe: supprimé !
    C:\Documents and Settings\CORYNE\Recent\MSNFix.lnk: supprimé !
    C:\Program Files\Navilog1\Navilog1.bat: supprimé !
    C:\Combofix.txt: supprimé !
    C:\cleannavi.txt: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\hijackthis.log: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\hijackthis.log: supprimé !
    C:\Documents and Settings\CORYNE\Mes documents\msnfix.txt: supprimé !
    C:\WINDOWS\msnfix.txt: supprimé !
    C:\Qoobox: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\MsnFix: supprimé !
    C:\Documents and Settings\CORYNE\Bureau\coco perso\Navilog1: supprimé !
    C:\Program Files\Navilog1: supprimé !
  4. coco
     
    I can't manage to paste the HijackThis report
    1. ^^Marie^^
       
      Re

      Who had you run all these fixes?

      Select all
      Copy >> CTRL+C
      Paste >> CTRL+V
  6. coco
     
    even with Ctrl+C or V it doesn't work......
  7. ^^Marie^^
     
    Re

    Edit
    Select all
    Edit
    Copy
    Edit
    Paste