A voir également:
- Virus
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Softonic virus ✓ - Forum Virus
- Faux message virus iphone - Forum iPhone
9 réponses
BmV
Messages postés
91485
Date d'inscription
samedi 24 août 2002
Statut
Modérateur
Dernière intervention
21 décembre 2024
4 698
25 sept. 2005 à 13:05
25 sept. 2005 à 13:05
Salut.
Et ton virus, il a quel nom ?
Que dit ton Antivirus .... Windows ???? (!!!)
Et ton virus, il a quel nom ?
Que dit ton Antivirus .... Windows ???? (!!!)
BmV
Messages postés
91485
Date d'inscription
samedi 24 août 2002
Statut
Modérateur
Dernière intervention
21 décembre 2024
4 698
25 sept. 2005 à 14:47
25 sept. 2005 à 14:47
Oui.
Bon.
D'accord.
Allez, fais un scan (sérieux) en ligne.
Soit là http://www.secuser.com/outils/antivirus.htm soit (très pro mais plus long) ici http://webscanner.kaspersky.fr/ et raconte nous les résultats.
Bon.
D'accord.
Allez, fais un scan (sérieux) en ligne.
Soit là http://www.secuser.com/outils/antivirus.htm soit (très pro mais plus long) ici http://webscanner.kaspersky.fr/ et raconte nous les résultats.
Alors j'ai pris le premier lien
ça donne ça
total scanned : 130526 infected files : 48
virus scan result file
js inor.ab non cleanable c:\windows\temporary internet files\content.ie5\svr3m45x\count[1].htm
troj dloader.fn non cleanable c:\windows\system32\picsvr\picsvr.exe
troj agent.cf non cleanable c:\windows\system32\dp-him.exe
troj apropos.a non cleanable c:\windows\system32\paqace.exe
bkdr bdg.a non cleanable c:\windows\system32\lfrmgr.exe
troj agent.eg non cleanable c:\windows\system32\polall1m.exe
troj small.go non cleanable c:\windows\system32\cs4po28.exe
troj stilen.a non cleanable c:\windows\system32\silent.exe
troj bdi.a non cleanable c:\windows\system32\kjberup.exe
troj apropo.h non cleanable c:\windows\system32\sceckbox.exe
troj lalus.a non cleanable c:\windows\system32\dp807615.exe
troj alemod.i non cleanable c:\windows\system32\oleext.dll
troj dhijack.a non cleanable c:\windows\system32\wininet.dll
troj agent.ca non cleanable c:\windows\lastgood\system32\bhmbob.exe
bkdr bdi.a non cleanable c:\windows\zuuvyh.exe
bkdr bdi.a non cleanable c:\windows\riebccl.exe
troj spooner.a non cleanable c:\windows\sp.exe
troj krepper.y non cleanable c:\bde\bdeviewer.exe
adw ruledor.c non cleanable c:\program files\clearsearch\loader.exe
troj agent.bj non cleanable c:\program files\clipgenie\webinstall.Exe
troj rblast.dll non cleanable c:\program files\istbar\istbar.dll
troj startpage.a non cleanable c:\documents and settings\all users\application data\setup\setup.dll
troj startpage.uw non cleanable c:\documents and settings\all users\application data\setup\tools.exe
troj startpage.uw non cleanable c:\documents and settings\all users\application data\tools\tools.exe
troj stilen.a non cleanable c:\documents and settings\cosson sylvain\local settings\temp\d7.exe
troj dloader.abf non cleanable c:\documents and settings\cosson sylvain\local settings\temp\istsv_.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048306.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048307.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048308.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048309.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048310.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048311.exe
troj apropo.d non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048346.exe
troj apropo.c non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048347.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048368.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048369.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048377.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048378.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048379.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048380.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048381.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048382.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048383.exe
troj bispy.b non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048677.dll
tspy istbar.ac non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048761.exe
troj alchemic.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048767.exe
adw ruledor.c non cleanable c:\clrschp072.exe
troj apropo.e non cleanable c:\may17_loader.exe
ça donne ça
total scanned : 130526 infected files : 48
virus scan result file
js inor.ab non cleanable c:\windows\temporary internet files\content.ie5\svr3m45x\count[1].htm
troj dloader.fn non cleanable c:\windows\system32\picsvr\picsvr.exe
troj agent.cf non cleanable c:\windows\system32\dp-him.exe
troj apropos.a non cleanable c:\windows\system32\paqace.exe
bkdr bdg.a non cleanable c:\windows\system32\lfrmgr.exe
troj agent.eg non cleanable c:\windows\system32\polall1m.exe
troj small.go non cleanable c:\windows\system32\cs4po28.exe
troj stilen.a non cleanable c:\windows\system32\silent.exe
troj bdi.a non cleanable c:\windows\system32\kjberup.exe
troj apropo.h non cleanable c:\windows\system32\sceckbox.exe
troj lalus.a non cleanable c:\windows\system32\dp807615.exe
troj alemod.i non cleanable c:\windows\system32\oleext.dll
troj dhijack.a non cleanable c:\windows\system32\wininet.dll
troj agent.ca non cleanable c:\windows\lastgood\system32\bhmbob.exe
bkdr bdi.a non cleanable c:\windows\zuuvyh.exe
bkdr bdi.a non cleanable c:\windows\riebccl.exe
troj spooner.a non cleanable c:\windows\sp.exe
troj krepper.y non cleanable c:\bde\bdeviewer.exe
adw ruledor.c non cleanable c:\program files\clearsearch\loader.exe
troj agent.bj non cleanable c:\program files\clipgenie\webinstall.Exe
troj rblast.dll non cleanable c:\program files\istbar\istbar.dll
troj startpage.a non cleanable c:\documents and settings\all users\application data\setup\setup.dll
troj startpage.uw non cleanable c:\documents and settings\all users\application data\setup\tools.exe
troj startpage.uw non cleanable c:\documents and settings\all users\application data\tools\tools.exe
troj stilen.a non cleanable c:\documents and settings\cosson sylvain\local settings\temp\d7.exe
troj dloader.abf non cleanable c:\documents and settings\cosson sylvain\local settings\temp\istsv_.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048306.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048307.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048308.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048309.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048310.exe
troj uploader.f non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048311.exe
troj apropo.d non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048346.exe
troj apropo.c non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048347.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048368.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048369.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048377.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048378.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048379.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048380.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048381.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048382.exe
bkdr sandbox.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048383.exe
troj bispy.b non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048677.dll
tspy istbar.ac non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048761.exe
troj alchemic.a non cleanable c:\system volume information\_restore{19ae085a-fe4e-4623-a871-cd96660a40e10}\rp189\a0048767.exe
adw ruledor.c non cleanable c:\clrschp072.exe
troj apropo.e non cleanable c:\may17_loader.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
25 sept. 2005 à 19:36
25 sept. 2005 à 19:36
Salut, impressionnant tous ça ...
tu peux fixer ceci:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/search/ie.aspx?tbid=50093
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cgi?uid=0&id=1.20031
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50093
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cgi?uid=0&id=1.20031
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cgi?uid=0&id=1.20031
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww12.default-homepage-network.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=146189
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50093
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.shopnav.com/q.cgi?q=
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dll
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
Bon y'a encore des trucs a fixer mais je laisse les pro après ..
Telecharge ceci et fait un scan avec tous.
Spybot:
Spybot Search & Destroy
A² free: (anti trojan)
a² free
ad aware:
Ad-aware
bon courage!
tu peux fixer ceci:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/search/ie.aspx?tbid=50093
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cgi?uid=0&id=1.20031
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50093
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.shopnav.com/sidesearch.cgi?uid=0&id=1.20031
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.shopnav.com/sidesearch.cgi?uid=0&id=1.20031
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww12.default-homepage-network.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=146189
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/search/ie.aspx?tbid=50093
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.shopnav.com/q.cgi?q=
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dll
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
Bon y'a encore des trucs a fixer mais je laisse les pro après ..
Telecharge ceci et fait un scan avec tous.
Spybot:
Spybot Search & Destroy
A² free: (anti trojan)
a² free
ad aware:
Ad-aware
bon courage!
merci pour ton aide
j'ai fait un scan avec tous, mon pc est déjà un peu moins lent
maintenant je dois faire quoi pour me débarasser de mon problème ???
j'ai fait un scan avec tous, mon pc est déjà un peu moins lent
maintenant je dois faire quoi pour me débarasser de mon problème ???
Salut,
Logfile of HijackThis v1.99.1
Scan saved at 10:34:11, on 26/09/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\Program Files\WinAntiVirus 2005 Pro\AVKernel.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\sbwnyjy.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\BTTNSERV.EXE
C:\Program Files\WinAntiVirus 2005 Pro\AVTray.exe
C:\WINDOWS\System32\intell32.exe
C:\windows\rlvknlg.exe
C:\Program Files\hast\rmtr.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\EAUSBKBD.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Scriptlet.Tools - {3E4563A4-2A9B-4912-BE38-906A0CB702CC} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: HomepageBHO - {893fad3a-931e-4e53-b515-b1426d63799b} - C:\WINDOWS\System32\hpA9EE.tmp
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Search - {491FE89E-5AB9-F6C8-6E97-8F032BF03041} - C:\WINDOWS\Zeemkrxy.dll (file missing)
O3 - Toolbar: MBKWBar - {EA5A82FB-D6BE-44F9-9363-B1ABABC153C1} - C:\Program Files\MBKWBar\IEToolBar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [2ZYPAYE57AAX7E] C:\WINDOWS\System32\Xkej.exe
O4 - HKLM\..\Run: [d7] C:\documents and settings\cosson sylvain\local settings\temp\d7.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [Bakra] C:\WINDOWS\System32\IEHost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Upsfc] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\app9A.tmp
O4 - HKLM\..\Run: [xsj] C:\WINDOWS\xsj.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [2d46a9006849] C:\WINDOWS\System32\OpenQuic.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [qtrf39P] sceckbox.exe
O4 - HKLM\..\Run: [eltupt] C:\WINDOWS\eltupt.exe
O4 - HKLM\..\Run: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKLM\..\Run: [0ulej38c] C:\WINDOWS\System32\0ulej38c.exe
O4 - HKLM\..\Run: [TempLoader] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\Loader.EXE
O4 - HKLM\..\Run: [AVTray] "C:\Program Files\WinAntiVirus 2005 Pro\AVTray.exe"
O4 - HKLM\..\Run: [jOG4I] C:\WINDOWS\utnwr.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\Run: [iqcfsnl] C:\WINDOWS\System32\sbwnyjy.exe r
O4 - HKLM\..\Run: [OSS] C:\windows\rlvknlg.exe -boot
O4 - HKLM\..\RunServices: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [bA0pRVj8X] scathlp.exe
O4 - HKCU\..\Run: [Eyimdra] C:\WINDOWS\System32\obm.exe
O4 - HKCU\..\Run: [kfzi] C:\PROGRA~1\COMMON~2\kfzi\kfzim.exe
O4 - HKCU\..\Run: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKCU\..\Run: [Puub] C:\Program Files\hast\rmtr.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: Win32 Classes -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: AVKernel - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus 2005 Pro\AVKernel.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Logfile of HijackThis v1.99.1
Scan saved at 10:34:11, on 26/09/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\Program Files\WinAntiVirus 2005 Pro\AVKernel.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\sbwnyjy.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\BTTNSERV.EXE
C:\Program Files\WinAntiVirus 2005 Pro\AVTray.exe
C:\WINDOWS\System32\intell32.exe
C:\windows\rlvknlg.exe
C:\Program Files\hast\rmtr.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\EAUSBKBD.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Scriptlet.Tools - {3E4563A4-2A9B-4912-BE38-906A0CB702CC} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: HomepageBHO - {893fad3a-931e-4e53-b515-b1426d63799b} - C:\WINDOWS\System32\hpA9EE.tmp
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Search - {491FE89E-5AB9-F6C8-6E97-8F032BF03041} - C:\WINDOWS\Zeemkrxy.dll (file missing)
O3 - Toolbar: MBKWBar - {EA5A82FB-D6BE-44F9-9363-B1ABABC153C1} - C:\Program Files\MBKWBar\IEToolBar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [2ZYPAYE57AAX7E] C:\WINDOWS\System32\Xkej.exe
O4 - HKLM\..\Run: [d7] C:\documents and settings\cosson sylvain\local settings\temp\d7.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [Bakra] C:\WINDOWS\System32\IEHost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Upsfc] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\app9A.tmp
O4 - HKLM\..\Run: [xsj] C:\WINDOWS\xsj.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [2d46a9006849] C:\WINDOWS\System32\OpenQuic.exe
O4 - HKLM\..\Run: [Nsv] C:\WINDOWS\System32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [qtrf39P] sceckbox.exe
O4 - HKLM\..\Run: [eltupt] C:\WINDOWS\eltupt.exe
O4 - HKLM\..\Run: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKLM\..\Run: [0ulej38c] C:\WINDOWS\System32\0ulej38c.exe
O4 - HKLM\..\Run: [TempLoader] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\Loader.EXE
O4 - HKLM\..\Run: [AVTray] "C:\Program Files\WinAntiVirus 2005 Pro\AVTray.exe"
O4 - HKLM\..\Run: [jOG4I] C:\WINDOWS\utnwr.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\Run: [iqcfsnl] C:\WINDOWS\System32\sbwnyjy.exe r
O4 - HKLM\..\Run: [OSS] C:\windows\rlvknlg.exe -boot
O4 - HKLM\..\RunServices: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [bA0pRVj8X] scathlp.exe
O4 - HKCU\..\Run: [Eyimdra] C:\WINDOWS\System32\obm.exe
O4 - HKCU\..\Run: [kfzi] C:\PROGRA~1\COMMON~2\kfzi\kfzim.exe
O4 - HKCU\..\Run: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKCU\..\Run: [Puub] C:\Program Files\hast\rmtr.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: Win32 Classes -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: AVKernel - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus 2005 Pro\AVKernel.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Utilisateur anonyme
26 sept. 2005 à 13:35
26 sept. 2005 à 13:35
Salut, tu peux relancer hijack faire comme avant et fixer ceci:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: HomepageBHO - {893fad3a-931e-4e53-b515-b1426d63799b} - C:\WINDOWS\System32\hpA9EE.tmp
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: Search - {491FE89E-5AB9-F6C8-6E97-8F032BF03041} - C:\WINDOWS\Zeemkrxy.dll (file missing)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [2ZYPAYE57AAX7E] C:\WINDOWS\System32\Xkej.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Upsfc] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\app9A.tmp
O4 - HKLM\..\Run: [xsj] C:\WINDOWS\xsj.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [2d46a9006849] C:\WINDOWS\System32\OpenQuic.exe
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [qtrf39P] sceckbox.exe
O4 - HKLM\..\Run: [eltupt] C:\WINDOWS\eltupt.exe
O4 - HKLM\..\Run: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKLM\..\Run: [0ulej38c] C:\WINDOWS\System32\0ulej38c.exe O4 - HKLM\..\Run: [jOG4I] C:\WINDOWS\utnwr.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\RunServices: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
Puub
1. Met à jour ton Xp(urgent):
Clic sur demarrer, tous les programmes,(tout en haut) windows update (clic dessus puis telecharge toute les mises à jour qu'il te prouve)
2.Clean Up 40:
telecharge le pui sfait un scan
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
3. Anti-virus en ligne:
Fait un scan
anti virus en ligne
http://webscanner.kaspersky.fr/
4.Spybot, ad-aware, et A²free:
Refait un scan avec ces trois logiciels là.
5.Hijack:
Après que tu as fais tout ça redonne moi un log hijack s'il te plait
Bon courage!!
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: HomepageBHO - {893fad3a-931e-4e53-b515-b1426d63799b} - C:\WINDOWS\System32\hpA9EE.tmp
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: Search - {491FE89E-5AB9-F6C8-6E97-8F032BF03041} - C:\WINDOWS\Zeemkrxy.dll (file missing)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [2ZYPAYE57AAX7E] C:\WINDOWS\System32\Xkej.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Upsfc] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\app9A.tmp
O4 - HKLM\..\Run: [xsj] C:\WINDOWS\xsj.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [2d46a9006849] C:\WINDOWS\System32\OpenQuic.exe
O4 - HKLM\..\Run: [picsvr] C:\WINDOWS\System32\picsvr\picsvr.exe
O4 - HKLM\..\Run: [qtrf39P] sceckbox.exe
O4 - HKLM\..\Run: [eltupt] C:\WINDOWS\eltupt.exe
O4 - HKLM\..\Run: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
O4 - HKLM\..\Run: [0ulej38c] C:\WINDOWS\System32\0ulej38c.exe O4 - HKLM\..\Run: [jOG4I] C:\WINDOWS\utnwr.exe
O4 - HKLM\..\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\RunServices: [\tools.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tools\tools.exe
Puub
1. Met à jour ton Xp(urgent):
Clic sur demarrer, tous les programmes,(tout en haut) windows update (clic dessus puis telecharge toute les mises à jour qu'il te prouve)
2.Clean Up 40:
telecharge le pui sfait un scan
http://pageperso.aol.fr/balltrap34/CleanUp40.exe
3. Anti-virus en ligne:
Fait un scan
anti virus en ligne
http://webscanner.kaspersky.fr/
4.Spybot, ad-aware, et A²free:
Refait un scan avec ces trois logiciels là.
5.Hijack:
Après que tu as fais tout ça redonne moi un log hijack s'il te plait
Bon courage!!
Salut,
voilà j'ai suivi les étapes que tu m'as données
j'ai refait un hijack que voilà :
Logfile of HijackThis v1.99.1
Scan saved at 00:18:17, on 01/10/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\System32\mssearchnet.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\BTTNSERV.EXE
C:\WINDOWS\System32\bjkazh.exe
C:\windows\rlvknlg.exe
C:\WINDOWS\System32\obm.exe
C:\Program Files\hast\rmtr.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\EAUSBKBD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Scriptlet.Tools - {EEBA788A-C268-492A-B7FE-42C2B6C553D4} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin\bin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {EA5A82FB-D6BE-44F9-9363-B1ABABC153C1} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll (file missing)
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [d7] C:\documents and settings\cosson sylvain\local settings\temp\d7.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [TempLoader] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\Loader.EXE
O4 - HKLM\..\Run: [AVTray] "C:\Program Files\WinAntiVirus 2005 Pro\AVTray.exe"
O4 - HKLM\..\Run: [OSS] C:\windows\rlvknlg.exe -boot
O4 - HKLM\..\Run: [ohsayvx] C:\WINDOWS\System32\bjkazh.exe r
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [bA0pRVj8X] scathlp.exe
O4 - HKCU\..\Run: [Eyimdra] C:\WINDOWS\System32\obm.exe
O4 - HKCU\..\Run: [kfzi] C:\PROGRA~1\COMMON~2\kfzi\kfzim.exe
O4 - HKCU\..\Run: [Puub] C:\Program Files\hast\rmtr.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127735829470
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
merci de ton aide
sylvain
voilà j'ai suivi les étapes que tu m'as données
j'ai refait un hijack que voilà :
Logfile of HijackThis v1.99.1
Scan saved at 00:18:17, on 01/10/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\System32\mssearchnet.exe
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\BTTNSERV.EXE
C:\WINDOWS\System32\bjkazh.exe
C:\windows\rlvknlg.exe
C:\WINDOWS\System32\obm.exe
C:\Program Files\hast\rmtr.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\COMPAQ\EASYAC~1\EAUSBKBD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Scriptlet.Tools - {EEBA788A-C268-492A-B7FE-42C2B6C553D4} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin\bin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {EA5A82FB-D6BE-44F9-9363-B1ABABC153C1} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dll (file missing)
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [d7] C:\documents and settings\cosson sylvain\local settings\temp\d7.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [TempLoader] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\Loader.EXE
O4 - HKLM\..\Run: [AVTray] "C:\Program Files\WinAntiVirus 2005 Pro\AVTray.exe"
O4 - HKLM\..\Run: [OSS] C:\windows\rlvknlg.exe -boot
O4 - HKLM\..\Run: [ohsayvx] C:\WINDOWS\System32\bjkazh.exe r
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [bA0pRVj8X] scathlp.exe
O4 - HKCU\..\Run: [Eyimdra] C:\WINDOWS\System32\obm.exe
O4 - HKCU\..\Run: [kfzi] C:\PROGRA~1\COMMON~2\kfzi\kfzim.exe
O4 - HKCU\..\Run: [Puub] C:\Program Files\hast\rmtr.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing)
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\JETCAR.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127735829470
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
merci de ton aide
sylvain
Salut Sylvain
Alors pour commencer:
1.met ton windows à jour clique ci-dessous:
SP2:
http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=fr
Puis tu peux encore fixer ceci:
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Scriptlet.Tools - {EEBA788A-C268-492A-B7FE-42C2B6C553D4} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin\bin.dll
O3 - Toolbar: (no name) - {EA5A82FB-D6BE-44F9-9363-B1ABABC153C1} - (no file)
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [d7] C:\documents and settings\cosson sylvain\local settings\temp\d7.exe
O4 - HKLM\..\Run: [TempLoader] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\Loader.EXE
O4 - HKLM\..\Run: [ohsayvx] C:\WINDOWS\System32\bjkazh.exe r
O4 - HKCU\..\Run: [bA0pRVj8X] scathlp.exe
O4 - HKCU\..\Run: [Eyimdra] C:\WINDOWS\System32\obm.exe
O4 - HKCU\..\Run: [kfzi] C:\PROGRA~1\COMMON~2\kfzi\kfzim.exe
O4 - HKCU\..\Run: [Puub] C:\Program Files\hast\rmtr.exe
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing
Alors pour commencer:
1.met ton windows à jour clique ci-dessous:
SP2:
http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=fr
Puis tu peux encore fixer ceci:
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Scriptlet.Tools - {EEBA788A-C268-492A-B7FE-42C2B6C553D4} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bin\bin.dll
O3 - Toolbar: (no name) - {EA5A82FB-D6BE-44F9-9363-B1ABABC153C1} - (no file)
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [d7] C:\documents and settings\cosson sylvain\local settings\temp\d7.exe
O4 - HKLM\..\Run: [TempLoader] C:\DOCUME~1\COSSON~1\LOCALS~1\Temp\Loader.EXE
O4 - HKLM\..\Run: [ohsayvx] C:\WINDOWS\System32\bjkazh.exe r
O4 - HKCU\..\Run: [bA0pRVj8X] scathlp.exe
O4 - HKCU\..\Run: [Eyimdra] C:\WINDOWS\System32\obm.exe
O4 - HKCU\..\Run: [kfzi] C:\PROGRA~1\COMMON~2\kfzi\kfzim.exe
O4 - HKCU\..\Run: [Puub] C:\Program Files\hast\rmtr.exe
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\ms.exe (file missing
