A voir également:
- Ordinateur lent....Virus pour Noel??!!!....
- Nettoyer ordinateur portable lent - Guide
- Numéro père noël whatsapp - Accueil - Messagerie instantanée
- Réinitialiser ordinateur - Guide
- Clavier de l'ordinateur - Guide
- Mon mac est lent comment le nettoyer - Guide
28 réponses
Que faire après ?
Je n'ai pas vu tes recommandations après le mode destruction....
Kill'em by g3n-h@ckm@n 1.1.6.0
User : Transboat (Administrateurs) # JEAN-LUC
Update on 18/12/2009 by g3n-h@ckm@n ::::: 20:30
Start at: 11:15:31 | 23/12/2009
Contact : g3n-h@ckm@n sur CCM
Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Symantec AntiVirus Corporate Edition 10.0.0.359 [ (!) Disabled | Updated ]
C:\ -> Disque fixe local | 67,42 Go (8,18 Go free) | NTFS
D:\ -> Disque CD-ROM | 0 Mo (0 Mo free) [Audio CD] | CDFS
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe 580
C:\WINDOWS\system32\csrss.exe 636
C:\WINDOWS\system32\winlogon.exe 664
C:\WINDOWS\system32\services.exe 708
C:\WINDOWS\system32\lsass.exe 720
C:\WINDOWS\system32\Ati2evxx.exe 880
C:\WINDOWS\system32\svchost.exe 900
C:\WINDOWS\system32\svchost.exe 960
C:\WINDOWS\System32\svchost.exe 1004
C:\WINDOWS\system32\svchost.exe 1088
C:\WINDOWS\system32\svchost.exe 1124
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe 1376
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe 1424
C:\WINDOWS\system32\Ati2evxx.exe 1528
C:\WINDOWS\Explorer.EXE 1712
C:\WINDOWS\system32\spoolsv.exe 1776
C:\WINDOWS\system32\svchost.exe 1268
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1328
C:\Program Files\Bonjour\mDNSResponder.exe 1352
C:\Program Files\Symantec AntiVirus\DefWatch.exe 1312
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 1492
C:\WINDOWS\system32\lxctcoms.exe 1540
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE 1552
C:\Program Files\MioNet\MioNetManager.exe 1816
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1972
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe 260
C:\WINDOWS\system32\svchost.exe 288
C:\Program Files\Symantec AntiVirus\Rtvscan.exe 300
C:\WINDOWS\system32\wdfmgr.exe 1596
C:\Program Files\MioNet\jvm\bin\MioNet.exe 512
C:\WINDOWS\System32\alg.exe 2908
C:\Program Files\Java\jre1.5.0\bin\jusched.exe 2776
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 2788
C:\WINDOWS\RTHDCPL.EXE 2796
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe 2832
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2848
C:\WINDOWS\AGRSMMSG.exe 2856
C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe 3064
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe 3204
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe 3212
C:\Program Files\Samsung\DisplayManager\DisplayManager.exe 3232
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe 3268
C:\Program Files\Samsung\DisplayManager\dmhkcore.exe 3272
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe 3288
C:\PROGRA~1\SYMANT~1\VPTray.exe 3304
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe 3308
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe 3440
C:\WINDOWS\VM_STI.EXE 3508
C:\Program Files\Lexmark 5400 Series\lxctmon.exe 3544
C:\Program Files\Lexmark 5400 Series\ezprint.exe 1808
C:\Program Files\iTunes\iTunesHelper.exe 3676
C:\WINDOWS\system32\ctfmon.exe 3732
C:\Program Files\Logitech\SetPoint\SetPoint.exe 380
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE 1160
C:\Program Files\iPod\bin\iPodService.exe 2436
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 3164
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 3296
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1936
C:\WINDOWS\system32\rundll32.exe 572
C:\Program Files\List_Kill'em\List_Kill'em.exe 2988
C:\WINDOWS\system32\cmd.exe 3680
C:\WINDOWS\system32\wbem\wmiprvse.exe 1920
C:\Documents and Settings\Transboat\Local Settings\Temp\B.tmp\pv.exe 2320
Detections :
==========
¤¤¤¤¤¤¤¤¤¤ Files/folders :
"C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe"
"C:\WINDOWS\System32\drivers\etc\hosts.msn"
¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :
Quarantine :
bwUnin-7.2.0.137-8876480SL.exe.Kill'em
hosts.msn.Kill'em
==============
host file OK !
==============
========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe
Deleted : HKLM\SYSTEM\ControlSet001\Enum\Root\Legacy_NDISRD
Deleted : HKLM\SYSTEM\ControlSet002\Enum\Root\Legacy_NDISRD
============
Disk Cleaned
============
================
Prefetch cleaned
================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Je n'ai pas vu tes recommandations après le mode destruction....
Kill'em by g3n-h@ckm@n 1.1.6.0
User : Transboat (Administrateurs) # JEAN-LUC
Update on 18/12/2009 by g3n-h@ckm@n ::::: 20:30
Start at: 11:15:31 | 23/12/2009
Contact : g3n-h@ckm@n sur CCM
Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Symantec AntiVirus Corporate Edition 10.0.0.359 [ (!) Disabled | Updated ]
C:\ -> Disque fixe local | 67,42 Go (8,18 Go free) | NTFS
D:\ -> Disque CD-ROM | 0 Mo (0 Mo free) [Audio CD] | CDFS
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running
C:\WINDOWS\System32\smss.exe 580
C:\WINDOWS\system32\csrss.exe 636
C:\WINDOWS\system32\winlogon.exe 664
C:\WINDOWS\system32\services.exe 708
C:\WINDOWS\system32\lsass.exe 720
C:\WINDOWS\system32\Ati2evxx.exe 880
C:\WINDOWS\system32\svchost.exe 900
C:\WINDOWS\system32\svchost.exe 960
C:\WINDOWS\System32\svchost.exe 1004
C:\WINDOWS\system32\svchost.exe 1088
C:\WINDOWS\system32\svchost.exe 1124
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe 1376
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe 1424
C:\WINDOWS\system32\Ati2evxx.exe 1528
C:\WINDOWS\Explorer.EXE 1712
C:\WINDOWS\system32\spoolsv.exe 1776
C:\WINDOWS\system32\svchost.exe 1268
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1328
C:\Program Files\Bonjour\mDNSResponder.exe 1352
C:\Program Files\Symantec AntiVirus\DefWatch.exe 1312
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 1492
C:\WINDOWS\system32\lxctcoms.exe 1540
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE 1552
C:\Program Files\MioNet\MioNetManager.exe 1816
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 1972
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe 260
C:\WINDOWS\system32\svchost.exe 288
C:\Program Files\Symantec AntiVirus\Rtvscan.exe 300
C:\WINDOWS\system32\wdfmgr.exe 1596
C:\Program Files\MioNet\jvm\bin\MioNet.exe 512
C:\WINDOWS\System32\alg.exe 2908
C:\Program Files\Java\jre1.5.0\bin\jusched.exe 2776
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 2788
C:\WINDOWS\RTHDCPL.EXE 2796
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe 2832
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2848
C:\WINDOWS\AGRSMMSG.exe 2856
C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe 3064
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe 3204
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe 3212
C:\Program Files\Samsung\DisplayManager\DisplayManager.exe 3232
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe 3268
C:\Program Files\Samsung\DisplayManager\dmhkcore.exe 3272
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe 3288
C:\PROGRA~1\SYMANT~1\VPTray.exe 3304
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe 3308
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe 3440
C:\WINDOWS\VM_STI.EXE 3508
C:\Program Files\Lexmark 5400 Series\lxctmon.exe 3544
C:\Program Files\Lexmark 5400 Series\ezprint.exe 1808
C:\Program Files\iTunes\iTunesHelper.exe 3676
C:\WINDOWS\system32\ctfmon.exe 3732
C:\Program Files\Logitech\SetPoint\SetPoint.exe 380
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE 1160
C:\Program Files\iPod\bin\iPodService.exe 2436
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 3164
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 3296
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1936
C:\WINDOWS\system32\rundll32.exe 572
C:\Program Files\List_Kill'em\List_Kill'em.exe 2988
C:\WINDOWS\system32\cmd.exe 3680
C:\WINDOWS\system32\wbem\wmiprvse.exe 1920
C:\Documents and Settings\Transboat\Local Settings\Temp\B.tmp\pv.exe 2320
Detections :
==========
¤¤¤¤¤¤¤¤¤¤ Files/folders :
"C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe"
"C:\WINDOWS\System32\drivers\etc\hosts.msn"
¤¤¤¤¤¤¤¤¤¤ Files/folders deleted :
Quarantine :
bwUnin-7.2.0.137-8876480SL.exe.Kill'em
hosts.msn.Kill'em
==============
host file OK !
==============
========
Registry
========
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe
Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe
Deleted : HKLM\SYSTEM\ControlSet001\Enum\Root\Legacy_NDISRD
Deleted : HKLM\SYSTEM\ControlSet002\Enum\Root\Legacy_NDISRD
============
Disk Cleaned
============
================
Prefetch cleaned
================
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Excuse, pas vu la 2eme page...
Voici le rapport
Logfile of random's system information tool 1.06 (written by random/random)
Run by Transboat at 2009-12-23 11:29:32
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 8 GB (12%) free of 69 GB
Total RAM: 894 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:37, on 23/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Samsung\DisplayManager\dmhkcore.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Transboat\Local Settings\Temporary Internet Files\Content.IE5\MEFSHO7M\RSIT[1].exe
C:\Program Files\trend micro\Transboat.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [SUPBackGround] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\_OTM\MovedFiles\12232009_100329\C_Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: TrayMin300.exe.lnk = C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O24 - Desktop Component 0: (no name) - http://co106w.col106.mail.live.com/...|0|8CC3F006C58B4E0||
Voici le rapport
Logfile of random's system information tool 1.06 (written by random/random)
Run by Transboat at 2009-12-23 11:29:32
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 8 GB (12%) free of 69 GB
Total RAM: 894 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:37, on 23/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Samsung\DisplayManager\dmhkcore.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Transboat\Local Settings\Temporary Internet Files\Content.IE5\MEFSHO7M\RSIT[1].exe
C:\Program Files\trend micro\Transboat.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [SUPBackGround] C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\_OTM\MovedFiles\12232009_100329\C_Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: TrayMin300.exe.lnk = C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O24 - Desktop Component 0: (no name) - http://co106w.col106.mail.live.com/...|0|8CC3F006C58B4E0||
Comment va le PC ?
Fait :
1. Démarrer > Exécuter > “%PROGRAMFILES%\Bonjour\mDNSResponder.exe” -remove
2. Rends toi dans le dossier : C:\Program Files\Bonjour\
3. Renomme “mdnsNSP.dll” en “mdnsNSP.bak”
4. Redémarrer le PC
5. Supprime le dossier C:\Program Files\Bonjour
Fait :
1. Démarrer > Exécuter > “%PROGRAMFILES%\Bonjour\mDNSResponder.exe” -remove
2. Rends toi dans le dossier : C:\Program Files\Bonjour\
3. Renomme “mdnsNSP.dll” en “mdnsNSP.bak”
4. Redémarrer le PC
5. Supprime le dossier C:\Program Files\Bonjour
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Gros problème....le wifi ne fonctionne plus, impossible de suprimer le fichier, j'ai du me connecter en cable ethernet
bonjour
il faudrai d'abord traiter cette infection
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a47999e-d33f-11dd-8919-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6868f5f2-f5d5-11dd-8966-001377321898}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82dfa75c-7869-11db-b761-001377321898}]
shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94fa941c-341a-11de-89cc-001377321898}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb9ec7ae-bb39-11de-8a70-001377321898}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\m.exe /s
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9759e4-4140-11dd-b7c9-001377321898}]
shell\AutoRun\command - G:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5491baf-bd4f-11de-8a77-001377321898}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
il faudrai d'abord traiter cette infection
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a47999e-d33f-11dd-8919-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6868f5f2-f5d5-11dd-8966-001377321898}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82dfa75c-7869-11db-b761-001377321898}]
shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94fa941c-341a-11de-89cc-001377321898}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb9ec7ae-bb39-11de-8a70-001377321898}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\m.exe /s
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf9759e4-4140-11dd-b7c9-001377321898}]
shell\AutoRun\command - G:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5491baf-bd4f-11de-8a77-001377321898}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
Après avoir galéré pour récupérer les fichiers manquants our le wifi et le cable ethernet pour enfin me reconnecter , l'ordi semble tout de meme plus rapide
Je pense en rester là...
Merci pour votre aide
Ptiono
Je pense en rester là...
Merci pour votre aide
Ptiono
Télécharge USBFix de Chiquitine29 , C_XX et Chimay8 sur ton bureau
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou
https://www.ionos.fr/?affiliate_id=77097
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
# Double clic sur le raccourci UsbFix présent sur ton bureau .
# Sélectionne l'option 2 ( Suppression )
# Ton bureau disparaitra et le pc redémarrera .
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
# Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou
https://www.ionos.fr/?affiliate_id=77097
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
# Double clic sur le raccourci UsbFix présent sur ton bureau .
# Sélectionne l'option 2 ( Suppression )
# Ton bureau disparaitra et le pc redémarrera .
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
# Ensuite poste le rapport UsbFix.txt qui apparaitra avec le bureau .
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
