11 replies
hi
Download here:
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) by random/random and save it to the Desktop.
Double-click RSIT.exe to launch RSIT.
Click Continue at the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
When the scan is finished, two text files will open.
Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized in the Taskbar).
NB: The reports are saved in the folder C:\rsit
does Antivir find any infections?
have you tried restoring your PC to a point before the problems:
http://www.infoprat.net/astuces/windows2k_xp/astuces/divers_004.php
then
scan with Malwarebytes, run a quick scan, paste the report you get and remove whatever is found:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
sorry but it's really slow; as for Antivir, I can't manage to launch it, it doesn't respond, and the restore didn't work.. I ran the anti-malware, here is what it gives
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1766
Windows 5.1.2600 Service Pack 3
23/04/2009 14:43:12
mbam-log-2009-04-23 (14-43-12).txt
Type de recherche: Examen rapide
Eléments examinés: 58260
Temps écoulé: 19 minute(s), 3 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
download ComboFix (by sUBs) here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the desktop.
disconnect from the internet and close all your applications.
disable your protections (antivirus, firewall, the antispyware's real-time guard)
double-click combofix.exe and follow the instructions
at the end, it will produce a report C:\ComboFix.txt
re-enable your firewall, your antivirus, your antispyware's guard
copy/paste the report C:\ComboFix.txt into your next reply.
Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. It could freeze the computer.
You have a complete tutorial here:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
here is what it gives
ComboFix 09-04-23.A3 - User 23/04/2009 15:59.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.479.218 [GMT 2:00]
Lancé depuis: c:\documents and settings\User\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
FW: ZoneAlarm Firewall *disabled*
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system\oeminfo.ini
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-23 au 2009-4-23 ))))))))))))))))))))))))))))))))))))
.
2009-04-17 09:05 . 2009-04-23 12:16 -------- dc----w c:\windows\ie8(2)
2009-04-17 08:49 . 2009-04-17 08:49 -------- d-----w c:\documents and settings\User\PrivacIE
2009-04-17 07:39 . 2009-04-17 07:39 -------- d-----w c:\documents and settings\NetworkService\IETldCache
2009-04-17 07:38 . 2009-04-17 07:38 -------- d-----w c:\documents and settings\User\IETldCache
2009-04-17 07:36 . 2009-04-23 12:16 -------- d-----w c:\windows\ie8updates
2009-04-15 23:07 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 23:07 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-15 23:07 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-15 23:07 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-15 23:07 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-15 23:07 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 23:07 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-15 23:07 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-15 23:07 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 23:06 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-15 23:06 . 2009-03-27 06:54 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb
2009-04-15 23:06 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-23 14:02 . 2008-09-14 15:56 44154912 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-23 12:17 . 2008-09-14 15:56 518552 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-23 12:16 . 2008-12-18 17:12 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-23 12:16 . 2009-04-17 11:47 -------- d-----w c:\program files\Rastafarai Script V4-4
2009-04-23 12:15 . 2008-12-18 17:12 -------- d-----w c:\program files\Windows Live
2009-04-23 12:15 . 2009-04-18 18:38 -------- d-----w c:\program files\PhotoFiltre
2009-04-23 12:15 . 2008-09-14 13:47 -------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-04-23 12:15 . 2008-09-14 13:47 -------- d-----w c:\program files\NOS
2009-04-23 11:16 . 2008-12-13 21:12 -------- d-----w c:\documents and settings\User\Application Data\Skype
2009-04-23 10:31 . 2009-04-23 10:31 682 ----a-w C:\INSTMLF.LOG
2009-04-23 10:28 . 2008-12-13 21:14 -------- d-----w c:\documents and settings\User\Application Data\skypePM
2009-04-23 10:21 . 2008-04-05 13:39 17864 ----a-w c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-23 10:05 . 2009-04-23 10:04 2773 ----a-w C:\FindyKill.txt
2009-04-23 10:05 . 2009-02-16 23:52 -------- d-----w c:\program files\FindyKill
2009-04-23 08:59 . 2008-06-08 15:58 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-23 08:32 . 2009-04-23 08:32 -------- d-----w c:\program files\Microsoft Sync Framework
2009-04-21 13:16 . 2009-01-14 18:13 58953 ----a-w C:\_SQL.txt
2009-04-18 07:24 . 2008-11-19 06:25 9092724 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-04-17 07:37 . 2006-03-02 12:00 73020 ----a-w c:\windows\system32\perfc00C.dat
2009-04-17 07:37 . 2006-03-02 12:00 464474 ----a-w c:\windows\system32\perfh00C.dat
2009-04-16 08:30 . 2009-04-16 08:31 1946624 ----a-w c:\windows\Internet Logs\xDB19.tmp
2009-04-16 01:00 . 2009-04-17 09:34 1946112 ----a-w c:\windows\Internet Logs\xDB1A.tmp
2009-04-14 07:46 . 2009-04-14 07:46 1945088 ----a-w c:\windows\Internet Logs\xDB18.tmp
2009-04-08 15:57 . 2008-04-05 11:57 -------- d-----w c:\documents and settings\User\Application Data\OpenOffice.org2
2009-04-04 08:47 . 2009-04-23 08:58 1943040 ----a-w c:\windows\Internet Logs\xDB1B.tmp
2009-03-23 10:40 . 2009-03-23 10:41 1931264 ----a-w c:\windows\Internet Logs\xDB17.tmp
2009-03-21 14:07 . 2006-03-02 12:00 1054720 ----a-w c:\windows\system32\kernel32(2)(2).dll
2009-03-06 14:20 . 2006-03-02 12:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-04 22:24 . 2009-01-19 13:49 -------- d-----w c:\program files\eMule
2009-03-03 00:13 . 2006-03-02 12:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-03-03 00:13 . 2006-03-02 12:00 826368 ----a-w c:\windows\system32\wininet(2)(2).dll
2009-02-28 21:31 . 2007-08-13 10:32 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-26 14:26 . 2009-02-26 14:33 1911296 ----a-w c:\windows\Internet Logs\xDB16.tmp
2009-02-20 17:10 . 2006-03-02 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-20 17:10 . 2006-03-02 12:00 1160192 ----a-w c:\windows\system32\urlmon(2)(2).dll
2009-02-20 17:10 . 2006-03-02 12:00 105984 ----a-w c:\windows\system32\url(2)(2).dll
2009-02-20 17:10 . 2007-08-13 16:34 268288 ----a-w c:\windows\system32\iertutil(2)(2).dll
2009-02-16 19:29 . 2009-02-16 18:01 1679 ----a-w C:\TB.txt
2009-02-10 17:06 . 2004-08-19 16:04 2068096 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:05 . 2006-03-02 12:00 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:24 . 2006-03-02 12:00 2191104 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2006-03-02 12:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 11:23 . 2006-03-02 12:00 111104 ----a-w c:\windows\system32\services(2)(2).exe
2009-02-09 10:53 . 2006-03-02 12:00 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2006-03-02 12:00 735744 ----a-w c:\windows\system32\lsasrv(2)(2).dll
2009-02-09 10:53 . 2006-03-02 12:00 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2006-03-02 12:00 739840 ----a-w c:\windows\system32\ntdll(2)(2).dll
2009-02-09 10:53 . 2006-03-02 12:00 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2006-03-02 12:00 685568 ----a-w c:\windows\system32\advapi32(2)(2).dll
2009-02-09 10:53 . 2006-03-02 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:53 . 2006-03-02 12:00 401408 ----a-w c:\windows\system32\rpcss(2)(2).dll
2009-02-06 10:39 . 2006-03-02 12:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2006-03-02 12:00 56832 ----a-w c:\windows\system32\secur32.dll
2009-02-03 19:58 . 2006-03-02 12:00 56832 ----a-w c:\windows\system32\secur32(2)(2).dll
2008-05-01 18:17 . 2008-05-01 18:17 9232 ----a-w c:\documents and settings\User\mqdmmdfl.sys
2008-05-01 18:17 . 2008-05-01 18:17 92064 ----a-w c:\documents and settings\User\mqdmmdm.sys
2008-05-01 18:17 . 2008-05-01 18:17 79328 ----a-w c:\documents and settings\User\mqdmserd.sys
2008-05-01 18:17 . 2008-05-01 18:17 66656 ----a-w c:\documents and settings\User\mqdmbus.sys
2008-05-01 18:17 . 2008-05-01 18:17 6208 ----a-w c:\documents and settings\User\mqdmcmnt.sys
2008-05-01 18:17 . 2008-05-01 18:17 5936 ----a-w c:\documents and settings\User\mqdmwhnt.sys
2008-05-01 18:17 . 2008-05-01 18:17 4048 ----a-w c:\documents and settings\User\mqdmcr.sys
2008-05-01 18:17 . 2008-05-01 18:17 25600 ----a-w c:\documents and settings\User\usbsermptxp.sys
2008-05-01 18:17 . 2008-05-01 18:17 22768 ----a-w c:\documents and settings\User\usbsermpt.sys
2008-10-25 07:14 . 2008-10-25 07:14 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008102520081026\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-08 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"V0250Mon.exe"="c:\windows\V0250Mon.exe" [2006-06-07 32768]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"AVFX Engine"="c:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-08 24576]
"SiSPower"="SiSPower.dll" - c:\windows\system32\SiSPower.dll [2007-04-10 53248]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-4-5 262144]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Tgl0beSCRIPT\\mIRC.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R3 NvcMFlt;NvcMFlt;c:\windows\system32\DRIVERS\nvcw32mf.sys [2008-02-11 19512]
R3 nvcoas;Norman Virus Control on-access component; [x]
R3 V0250Dev;Live! Cam Notebook Pro;c:\windows\system32\DRIVERS\V0250Dev.sys [2006-06-27 185504]
R3 V0250Vfx;V0250Vfx;c:\windows\system32\DRIVERS\V0250Vfx.sys [2006-03-24 6272]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552]
.
Contenu du dossier 'Tâches planifiées'
2009-04-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-08 07:42]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
mWindow Title =
IE: &Windows Live Search
IE: Add to Windows &Live Favorites
IE: { - c:\program files\Messenger\msmsgs.exe
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game01.zylom.com/activex/zylomgamesplayer.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\ro8afmnz.default\
FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIAWB1&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 16:01
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2009-04-23 16:03
ComboFix-quarantined-files.txt 2009-04-23 14:03
Avant-CF: 120 305 012 736 octets libres
Après-CF: 120 400 400 384 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
186 --- E O F --- 2009-04-23 11:04
ComboFix 09-04-23.A3 - User 23/04/2009 15:59.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.479.218 [GMT 2:00]
Lancé depuis: c:\documents and settings\User\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
FW: ZoneAlarm Firewall *disabled*
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system\oeminfo.ini
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-23 au 2009-4-23 ))))))))))))))))))))))))))))))))))))
.
2009-04-17 09:05 . 2009-04-23 12:16 -------- dc----w c:\windows\ie8(2)
2009-04-17 08:49 . 2009-04-17 08:49 -------- d-----w c:\documents and settings\User\PrivacIE
2009-04-17 07:39 . 2009-04-17 07:39 -------- d-----w c:\documents and settings\NetworkService\IETldCache
2009-04-17 07:38 . 2009-04-17 07:38 -------- d-----w c:\documents and settings\User\IETldCache
2009-04-17 07:36 . 2009-04-23 12:16 -------- d-----w c:\windows\ie8updates
2009-04-15 23:07 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 23:07 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-15 23:07 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-15 23:07 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-15 23:07 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-15 23:07 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 23:07 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-15 23:07 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-15 23:07 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 23:06 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-15 23:06 . 2009-03-27 06:54 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb
2009-04-15 23:06 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-23 14:02 . 2008-09-14 15:56 44154912 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-23 12:17 . 2008-09-14 15:56 518552 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-23 12:16 . 2008-12-18 17:12 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-23 12:16 . 2009-04-17 11:47 -------- d-----w c:\program files\Rastafarai Script V4-4
2009-04-23 12:15 . 2008-12-18 17:12 -------- d-----w c:\program files\Windows Live
2009-04-23 12:15 . 2009-04-18 18:38 -------- d-----w c:\program files\PhotoFiltre
2009-04-23 12:15 . 2008-09-14 13:47 -------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-04-23 12:15 . 2008-09-14 13:47 -------- d-----w c:\program files\NOS
2009-04-23 11:16 . 2008-12-13 21:12 -------- d-----w c:\documents and settings\User\Application Data\Skype
2009-04-23 10:31 . 2009-04-23 10:31 682 ----a-w C:\INSTMLF.LOG
2009-04-23 10:28 . 2008-12-13 21:14 -------- d-----w c:\documents and settings\User\Application Data\skypePM
2009-04-23 10:21 . 2008-04-05 13:39 17864 ----a-w c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-23 10:05 . 2009-04-23 10:04 2773 ----a-w C:\FindyKill.txt
2009-04-23 10:05 . 2009-02-16 23:52 -------- d-----w c:\program files\FindyKill
2009-04-23 08:59 . 2008-06-08 15:58 -------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-04-23 08:32 . 2009-04-23 08:32 -------- d-----w c:\program files\Microsoft Sync Framework
2009-04-21 13:16 . 2009-01-14 18:13 58953 ----a-w C:\_SQL.txt
2009-04-18 07:24 . 2008-11-19 06:25 9092724 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-04-17 07:37 . 2006-03-02 12:00 73020 ----a-w c:\windows\system32\perfc00C.dat
2009-04-17 07:37 . 2006-03-02 12:00 464474 ----a-w c:\windows\system32\perfh00C.dat
2009-04-16 08:30 . 2009-04-16 08:31 1946624 ----a-w c:\windows\Internet Logs\xDB19.tmp
2009-04-16 01:00 . 2009-04-17 09:34 1946112 ----a-w c:\windows\Internet Logs\xDB1A.tmp
2009-04-14 07:46 . 2009-04-14 07:46 1945088 ----a-w c:\windows\Internet Logs\xDB18.tmp
2009-04-08 15:57 . 2008-04-05 11:57 -------- d-----w c:\documents and settings\User\Application Data\OpenOffice.org2
2009-04-04 08:47 . 2009-04-23 08:58 1943040 ----a-w c:\windows\Internet Logs\xDB1B.tmp
2009-03-23 10:40 . 2009-03-23 10:41 1931264 ----a-w c:\windows\Internet Logs\xDB17.tmp
2009-03-21 14:07 . 2006-03-02 12:00 1054720 ----a-w c:\windows\system32\kernel32(2)(2).dll
2009-03-06 14:20 . 2006-03-02 12:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-04 22:24 . 2009-01-19 13:49 -------- d-----w c:\program files\eMule
2009-03-03 00:13 . 2006-03-02 12:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-03-03 00:13 . 2006-03-02 12:00 826368 ----a-w c:\windows\system32\wininet(2)(2).dll
2009-02-28 21:31 . 2007-08-13 10:32 -------- d-----w c:\program files\Microsoft Silverlight
2009-02-26 14:26 . 2009-02-26 14:33 1911296 ----a-w c:\windows\Internet Logs\xDB16.tmp
2009-02-20 17:10 . 2006-03-02 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-20 17:10 . 2006-03-02 12:00 1160192 ----a-w c:\windows\system32\urlmon(2)(2).dll
2009-02-20 17:10 . 2006-03-02 12:00 105984 ----a-w c:\windows\system32\url(2)(2).dll
2009-02-20 17:10 . 2007-08-13 16:34 268288 ----a-w c:\windows\system32\iertutil(2)(2).dll
2009-02-16 19:29 . 2009-02-16 18:01 1679 ----a-w C:\TB.txt
2009-02-10 17:06 . 2004-08-19 16:04 2068096 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 14:05 . 2006-03-02 12:00 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:24 . 2006-03-02 12:00 2191104 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2006-03-02 12:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 11:23 . 2006-03-02 12:00 111104 ----a-w c:\windows\system32\services(2)(2).exe
2009-02-09 10:53 . 2006-03-02 12:00 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2006-03-02 12:00 735744 ----a-w c:\windows\system32\lsasrv(2)(2).dll
2009-02-09 10:53 . 2006-03-02 12:00 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2006-03-02 12:00 739840 ----a-w c:\windows\system32\ntdll(2)(2).dll
2009-02-09 10:53 . 2006-03-02 12:00 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2006-03-02 12:00 685568 ----a-w c:\windows\system32\advapi32(2)(2).dll
2009-02-09 10:53 . 2006-03-02 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:53 . 2006-03-02 12:00 401408 ----a-w c:\windows\system32\rpcss(2)(2).dll
2009-02-06 10:39 . 2006-03-02 12:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2006-03-02 12:00 56832 ----a-w c:\windows\system32\secur32.dll
2009-02-03 19:58 . 2006-03-02 12:00 56832 ----a-w c:\windows\system32\secur32(2)(2).dll
2008-05-01 18:17 . 2008-05-01 18:17 9232 ----a-w c:\documents and settings\User\mqdmmdfl.sys
2008-05-01 18:17 . 2008-05-01 18:17 92064 ----a-w c:\documents and settings\User\mqdmmdm.sys
2008-05-01 18:17 . 2008-05-01 18:17 79328 ----a-w c:\documents and settings\User\mqdmserd.sys
2008-05-01 18:17 . 2008-05-01 18:17 66656 ----a-w c:\documents and settings\User\mqdmbus.sys
2008-05-01 18:17 . 2008-05-01 18:17 6208 ----a-w c:\documents and settings\User\mqdmcmnt.sys
2008-05-01 18:17 . 2008-05-01 18:17 5936 ----a-w c:\documents and settings\User\mqdmwhnt.sys
2008-05-01 18:17 . 2008-05-01 18:17 4048 ----a-w c:\documents and settings\User\mqdmcr.sys
2008-05-01 18:17 . 2008-05-01 18:17 25600 ----a-w c:\documents and settings\User\usbsermptxp.sys
2008-05-01 18:17 . 2008-05-01 18:17 22768 ----a-w c:\documents and settings\User\usbsermpt.sys
2008-10-25 07:14 . 2008-10-25 07:14 32768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008102520081026\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-08 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"WOOWATCH"="c:\progra~1\Wanadoo\Watch.exe" [2004-08-23 20480]
"V0250Mon.exe"="c:\windows\V0250Mon.exe" [2006-06-07 32768]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"AVFX Engine"="c:\program files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-08 24576]
"SiSPower"="SiSPower.dll" - c:\windows\system32\SiSPower.dll [2007-04-10 53248]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-4-5 262144]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Tgl0beSCRIPT\\mIRC.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R3 NvcMFlt;NvcMFlt;c:\windows\system32\DRIVERS\nvcw32mf.sys [2008-02-11 19512]
R3 nvcoas;Norman Virus Control on-access component; [x]
R3 V0250Dev;Live! Cam Notebook Pro;c:\windows\system32\DRIVERS\V0250Dev.sys [2006-06-27 185504]
R3 V0250Vfx;V0250Vfx;c:\windows\system32\DRIVERS\V0250Vfx.sys [2006-03-24 6272]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552]
.
Contenu du dossier 'Tâches planifiées'
2009-04-23 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-08 07:42]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.orange.fr/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
mWindow Title =
IE: &Windows Live Search
IE: Add to Windows &Live Favorites
IE: { - c:\program files\Messenger\msmsgs.exe
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game01.zylom.com/activex/zylomgamesplayer.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\ro8afmnz.default\
FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIAWB1&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 16:01
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
Heure de fin: 2009-04-23 16:03
ComboFix-quarantined-files.txt 2009-04-23 14:03
Avant-CF: 120 305 012 736 octets libres
Après-CF: 120 400 400 384 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect
186 --- E O F --- 2009-04-23 11:04
Can you post a scan with AntiVir?
Or download BitDefender Free (I do mean free) and paste a report from it:
https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html
I managed to run a scan with AntiVir; here is the result:
Scanning for 1362642 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: USER-0B22B1ECB2
Version information:
BUILD.DAT : 8.2.0.347 16934 Bytes 16/03/2009 14:45:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 25/11/2008 15:44:24
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 13:47:39
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 11:30:57
ANTIVIR2.VDF : 7.1.3.63 1588224 Bytes 16/04/2009 09:52:56
ANTIVIR3.VDF : 7.1.3.96 114688 Bytes 23/04/2009 10:21:57
Engineversion : 8.2.0.148
AEVDF.DLL : 8.1.1.0 106868 Bytes 31/01/2009 11:32:28
AESCRIPT.DLL : 8.1.1.75 373113 Bytes 23/04/2009 10:22:02
AESCN.DLL : 8.1.1.10 127348 Bytes 23/04/2009 10:22:01
AERDL.DLL : 8.1.1.3 438645 Bytes 05/11/2008 13:29:01
AEPACK.DLL : 8.1.3.14 397685 Bytes 23/04/2009 10:22:01
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 27/02/2009 15:58:02
AEHEUR.DLL : 8.1.0.119 1724791 Bytes 23/04/2009 10:22:00
AEHELP.DLL : 8.1.2.2 119158 Bytes 27/02/2009 15:58:01
AEGEN.DLL : 8.1.1.36 340341 Bytes 23/04/2009 10:21:59
AEEMU.DLL : 8.1.0.9 393588 Bytes 15/10/2008 12:27:27
AECORE.DLL : 8.1.6.9 176500 Bytes 23/04/2009 10:21:58
AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/2008 12:27:25
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.3 155688 Bytes 23/04/2009 10:21:58
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: jeudi 23 avril 2009 16:10
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'mIRC.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'sistray.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'StartFX.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'V0250Mon.exe' - '1' Module(s) have been scanned
Scan process 'SMax4PNP.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'fbserver.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'FTRTSVC.exe' - '1' Module(s) have been scanned
Scan process 'fbguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
39 processes with 39 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '50' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
End of the scan: jeudi 23 avril 2009 16:42
Used time: 32:12 Minute(s)
The scan has been done completely.
5827 Scanning directories
203309 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
203308 Files not concerned
1934 Archives were scanned
1 Warnings
0 Notes
Apart from the fact that my Internet Explorer won't open any more, no, it seems to be fine, thanks a lot.
As for Internet Explorer, I think I'm going to uninstall it and reinstall it.
Repair Windows:
https://www.pcastuces.com/pratique/windows/xp/default.htm
Otherwise, yes, reinstall Internet Explorer or replace Internet Explorer with version 8.
I don't think you got my last message, I don't know what happened. So I installed Internet Explorer, which by the way still doesn't work, and on top of that my PC started lagging again when I had to shut down my computer to get Internet Explorer started, which by the way still doesn't work.
Paste an online scan from Kaspersky to check:
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Then install BitDefender Free (I do mean free) and paste a report from it:
https://www.google.fr/search?q=bitdefender+free&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:fr:official&client=firefox-a&gws_rd=ssl
Logfile of random's system information tool 1.05 (written by random/random)
Run by User at 2009-04-23 13:09:23
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 116 GB (76%) free of 153 GB
Total RAM: 479 MB (19% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:11:09, on 23/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\V0250Mon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\User.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [V0250Mon.exe] C:\WINDOWS\V0250Mon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - C:\VIRUSfighter\Nvc\bin\nvcoas.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe