Desktop display problem

vuillemoun -  
 bernie61 -
Hello,
I have a problem with my desktop display, which I cannot change after running Spybot and Ad-Aware in normal mode and in safe mode; nothing works. Could you help me out, please?

Scan saved at 17:40:41, on 14/10/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\jet95\jsdaemon.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Acer\Notebook Manager\almxptray.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\jet95\JETSTAT.EXE
C:\Program Files\Fichiers communs\efax\dllcmd32.exe
C:\WINDOWS\System32\wuauclt.exe
c:\jet95\JSFMAN.EXE
C:\Program Files\Norton AntiVirus\OPScan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\MV\LOCALS~1\Temp\Rar$EX00.781\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [HD Observer] C:\Program Files\Process Leader Software\HD Observer\HD Observer.exe
O4 - HKLM\..\Run: [FSH] C:\WINDOWS\system32\svcnva.exe home
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: RegFreeze.lnk = C:\Program Files\RegFreeze\regfreeze.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Etat de HP LaserJet 3150.lnk = C:\jet95\JETSTAT.EXE
O4 - Global Startup: Live Menu.lnk = C:\Program Files\Fichiers communs\efax\dllcmd32.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127421482614
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O20 - Winlogon Notify: winnsw32 - C:\WINDOWS\SYSTEM32\winnsw32.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: jsdaemon - JetFax, Inc. - c:\jet95\jsdaemon.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

8 replies

Anonymous user

Hi,
start with this online scan:

Run this online scan:
http://www.bitdefender.com/scan/licence.php
Copy/paste the report

What is wrong with your desktop display? What is happening, can you be more specific?

See you
0
VUILLEMOUN
 
BitDefender Online Scanner



Scan report generated at: Sat, Oct 15, 2005 - 12:50:42


Hello,
here is the BitDefender scan. To try to explain my problem better: every time I launch IE after startup it does not work, and I have to disable and re-enable my wireless connection several times before I can use IE normally.


Scan path: C:\;D:\;E:\;

Statistics
Time: 00:31:15
Files: 201446
Folders: 3651
Boot Sectors: 4
Archives: 1245
Packed Files: 28127

Results
Identified Viruses: 8
Infected Files: 29
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 41

Engines Info
Virus Definitions: 221609
Engine build: AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins: 13
Archive plugins: 39
Unpack plugins: 4
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes




0
Anonymous user

Hi again,
is this problem solved?
my desktop display, which I cannot change

See you
0
VUILLEMOUN
 
Yes, that is solved, but not my connection problem at startup.
0
balltrap34 Posts 16241 Status Security contributor 332

Hi,
post a HijackThis log again, and what do you mean by a connection problem at startup?
0
VUILLEMOUN
 
I need your help analysing what follows. The problem is that I cannot connect to the internet without disabling and then re-enabling my connection right after startup; otherwise I land on a "page cannot be displayed" page with the address
res://C:\WINDOWS\System32\shdoclc.dll/dnserror.htm...

Could you help me, please?

Here is the new HijackThis log

Logfile of HijackThis v1.99.1
Scan saved at 23:41:09, on 16/10/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Acer\Notebook Manager\almxptray.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\jet95\JETSTAT.EXE
C:\Program Files\Fichiers communs\efax\dllcmd32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\jet95\jsdaemon.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\MV\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Etat de HP LaserJet 3150.lnk = C:\jet95\JETSTAT.EXE
O4 - Global Startup: Live Menu.lnk = C:\Program Files\Fichiers communs\efax\dllcmd32.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127421482614
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O20 - Winlogon Notify: winnsw32 - C:\WINDOWS\SYSTEM32\winnsw32.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: jsdaemon - JetFax, Inc. - c:\jet95\jsdaemon.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
0
bernie61
 
Hi,
can you check this process
C:\WINDOWS\SYSTEM32\winnsw32.dll

at this address:
check it at http://virusscan.jotti.org/ file by file: Browse, then SEND launches this multi-engine antivirus scanner
See you
0
VUIILLEMOUN
 
Service load: 0% 100%

File: winnsw32.dll
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 ddea8f6e10215822122cc03244ed4318
Packers detected: -
Scanner results
AntiVir Found Trojan/Zapchast.p.DLL
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found Generic.CGK
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found BACKDOOR.Trojan (probable variant)
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found Trojan.Win32.Zapchast.p
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
0

balltrap34 Posts 16241 Status Security contributor 332

Hi,
use this
download this
http://www.downloads.subratam.org/l2mfix.exe
Unzip it, double-click l2mfix.bat, press any key and then choose option 2

and search for and delete this
C:\WINDOWS\SYSTEM32\winnsw32.dll
0
Anonymous user

Hi balltrap,
I wish you a good evening, and moe as well!

Good night to you both
See you tomorrow
0
balltrap34 Posts 16241 Status Security contributor 332

Good night, Quentin,
and at the end of the week I am going to take a trip to the capital.
0
bernie61
 
Hi everyone,
Vuillemoun,
Quickly install the Windows XP updates and install a firewall, otherwise what we are doing is pointless.
See you
0