Duf window and popup
Closed
Banhurle (Member) - 13 March 2006 at 00:26
8 replies
Hi,
Download HijackThis:
http://www.hijackthis.de/downloads/hijackthis_199.zip
Install it in its own folder:
- right-click on the desktop, New folder, and install it in there.
Run it and click "Do a system scan and save logfile".
Then copy and paste the report here.
Banhurle (Member) - 13 March 2006 at 17:16
Thank you for taking the time to help me out; here is the requested file.
Logfile of HijackThis v1.99.1
Scan saved at 17:15:57, on 13/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\windows\eee2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\onrs\iass.exe
C:\Program Files\?dobe\r?gsvr32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.5.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\fr\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [opmjmj] C:\WINDOWS\opmjmj.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [wahm] C:\windows\eee2.exe
O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Soca] "C:\Program Files\onrs\iass.exe" -vt yazb
O4 - HKCU\..\Run: [Pgorr] C:\Program Files\?dobe\r?gsvr32.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
balltrap34 (Security contributor) - 13 March 2006 at 18:05
Hi:
****************************************************************
► Print this so you don't forget anything and do everything.
Everything must be done in order.
****************************************************************
► First of all, download these programs if you don't have them and update them, but don't use them yet, and check that you have the right versions; this is essential.
♪ Ad-Aware (1) version 1.06
(here) http://www.florensac-chasse-trap.com/ in the virus/security software section
see the demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip
***
♪ Spybot (2) version 1.4
(here) http://www.florensac-chasse-trap.com/ in the virus/security software section
animated tutorial for installing HijackThis: http://pageperso.aol.fr/balltrap34/Hijenr.gif
see the usage demo
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
***
and also this
♪ CleanUp40.exe (3)
see the demo
http://pageperso.aol.fr/balltrap34/democleanup.htm
***
****************************************************************
► Make sure of this
Show all files and folders:
click Start / Control Panel / Folder Options / View
Tick "Show hidden folders"
Untick the box "Hide protected operating system files (Recommended)"
Untick "Hide extensions for known file types"
Then click "OK" to confirm the changes.
And Apply
****************************************************************
► Empty your temp files and Temporary Internet Files for all users
use this to do it
♪ http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
****************************************************************
► Run HijackThis again, tick these lines and then click Fix
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [wahm] C:\windows\eee2.exe
O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe
O4 - HKCU\..\Run: [Soca] "C:\Program Files\onrs\iass.exe" -vt yazb
O4 - HKCU\..\Run: [Pgorr] C:\Program Files\?dobe\r?gsvr32.exe
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
****************************************************************
► Restart in safe mode
For safe mode, tap the F8 key repeatedly,
without stopping, from the moment the PC powers on.
A window will open; move with the keyboard arrows to "start in safe mode".
Once on the desktop, not all the colours and so on will be there; that is normal. If F8 doesn't work, use the F5 key.
****************************************************************
► Find and delete these
C:\windows\eee2.exe
C:\Program Files\onrs <== the folder
C:\Program Files\?dobe <== the folder
****************************************************************
► Run Ad-Aware and remove everything it finds
****************************************************************
► Run Spybot and remove everything it finds
****************************************************************
Empty your recycle bin, restart in normal mode and run HijackThis again,
and say where things stand with your problems.
Banhurle (Member) - 13 March 2006 at 23:59
I followed your advice to the letter; everything went very well and at the moment everything seems to be working. I no longer have windows opening by themselves or intrusive ads.
Hats off!!!
Many thanks for your help. Attached is the HijackThis file in case you find anything suspicious.
Thanks again,
Dominique
Logfile of HijackThis v1.99.1
Scan saved at 23:54:50, on 13/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.5.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\fr\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [opmjmj] C:\WINDOWS\opmjmj.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
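The comparison this thread does by eye (fix the listed lines, delete the files, re-scan, compare with the first log), as an added example that is not part of the original posts: a Python script that parses two HijackThis logs, reports what disappeared, and confirms the fix-list lines and the deleted paths are no longer present. The sample logs are abridged excerpts of the two logs posted above; the function names are illustrative.

```python
"""Before/after comparison of two HijackThis logs (added example)."""
import re

# Entry lines start with a section code (R0, O4, O15, O23, ...) then " - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<text>.+)$")


def parse_log(log_text):
    """Return (processes, entries): lower-cased process paths and (code, text) pairs."""
    processes, entries = set(), set()
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue  # real logs separate the sections with blank lines
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.add((match.group("code"), match.group("text")))
        elif line.lower().startswith("running processes"):
            in_processes = True
        elif in_processes:
            processes.add(line.lower())  # Windows paths are case-insensitive
    return processes, entries


def diff_logs(before, after):
    """Summarise what changed between the first scan and the re-scan."""
    b_proc, b_ent = parse_log(before)
    a_proc, a_ent = parse_log(after)
    return {
        "entries_removed": sorted(b_ent - a_ent),
        "entries_added": sorted(a_ent - b_ent),
        "processes_gone": sorted(b_proc - a_proc),
        "processes_new": sorted(a_proc - b_proc),
    }


def verify_fix(fix_list, after):
    """Return the fix-list lines still present in the re-scan (empty = all gone)."""
    _, wanted = parse_log(fix_list)
    _, present = parse_log(after)
    return sorted(wanted & present)


def still_referenced(paths, after):
    """Return the deleted paths that a process or entry in the re-scan still names."""
    processes, entries = parse_log(after)
    haystack = list(processes) + [text.lower() for _, text in entries]
    return sorted(p for p in paths if any(p.lower() in h for h in haystack))


# Abridged excerpt of the first log posted in the thread (17:15:57).
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE
C:\windows\eee2.exe
C:\Program Files\onrs\iass.exe
C:\Program Files\?dobe\r?gsvr32.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [wahm] C:\windows\eee2.exe
O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Soca] "C:\Program Files\onrs\iass.exe" -vt yazb
O4 - HKCU\..\Run: [Pgorr] C:\Program Files\?dobe\r?gsvr32.exe
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
"""

# Abridged excerpt of the re-scan posted after the cleanup (23:54:50).
AFTER = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# The lines the helper asked to tick and fix, copied from the reply above.
FIX_LIST = r"""
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [wahm] C:\windows\eee2.exe
O4 - HKLM\..\Run: [ahkw] C:\windows\eee2.exe
O4 - HKCU\..\Run: [Soca] "C:\Program Files\onrs\iass.exe" -vt yazb
O4 - HKCU\..\Run: [Pgorr] C:\Program Files\?dobe\r?gsvr32.exe
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
"""

# The file and folders the helper asked to delete in safe mode.
DELETED_PATHS = [r"C:\windows\eee2.exe", r"C:\Program Files\onrs", r"C:\Program Files\?dobe"]

if __name__ == "__main__":
    for key, values in diff_logs(BEFORE, AFTER).items():
        print(key, len(values))
    print("fix-list lines remaining:", verify_fix(FIX_LIST, AFTER))
    print("deleted paths still referenced:", still_referenced(DELETED_PATHS, AFTER))
```

Run it on the two full logs instead of the excerpts to list every entry that changed between scans, not only the ones on the fix list.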
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Hi,
Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:
O4 - HKLM\..\Run: [opmjmj] C:\WINDOWS\opmjmj.exe
Click Start, Search, then find and delete this file:
opmjmj.exe
Run this online antivirus scan and paste the report here once it has finished:
http://www.bitdefender.com/scan8/ie.html
See you
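One way to check the result of the fix requested above, as an added example (not part of the original thread or of HijackThis itself): compare the log taken before the fix with a follow-up log, confirm the Run value is gone, check that its program is not among the running processes, and list what else changed. The sample logs are excerpts constructed from the two logs posted in this thread; the function names are hypothetical.

```python
import re

# HijackThis numbers every finding: R0-R3, F0-F3, N1-N4, O1-O24.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# Registry autorun form of an O4 line: HKLM\..\Run: [value name] command
O4_RE = re.compile(r"^(HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]*)\] (.+)$")
# First program image in a command line, quoted or not.
IMAGE_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|scr|dll))', re.I)

# Constructed samples: excerpts of the logs posted in this thread.
BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [opmjmj] C:\WINDOWS\opmjmj.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
"""

AFTER = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
"""

FIXED = r"O4 - HKLM\..\Run: [opmjmj] C:\WINDOWS\opmjmj.exe"


def parse_log(text):
    """Split a HijackThis log into (running processes, numbered entries)."""
    processes, entries, in_procs = [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_procs = False  # the process list ends at the first entry
            entries.append((m.group(1), m.group(2)))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs:
            processes.append(line)
    return processes, entries


def autorun_image(detail):
    """Return (hive, value name, image path) for a registry O4 entry.

    Other O4 forms (for example Startup folder items) return None.
    """
    m = O4_RE.match(detail)
    if not m:
        return None
    img = IMAGE_RE.match(m.group(4))
    path = (img.group(1) or img.group(2)) if img else m.group(4)
    return m.group(1), m.group(3), path


def verify_fix(before, after, fixed_line):
    """Check that fixed_line left the log and report every other change."""
    m = ENTRY_RE.match(fixed_line.strip())
    if not m:
        raise ValueError("not a HijackThis entry line")
    target = (m.group(1), m.group(2))
    _, old = parse_log(before)
    procs, new = parse_log(after)
    parsed = autorun_image(target[1]) if target[0] == "O4" else None
    image = parsed[2] if parsed else None
    running = {p.lower() for p in procs}
    return {
        "was_present": target in old,
        "removed": target not in new,
        "image": image,
        # A Run value whose program is still running can be written back.
        "still_running": bool(image) and image.lower() in running,
        "gone": [e for e in old if e not in new],
        "new": [e for e in new if e not in old],
    }


if __name__ == "__main__":
    for key, value in verify_fix(BEFORE, AFTER, FIXED).items():
        print(key, "=", value)
```

Entries reported under "new" deserve the same review as the original log; in this sample both come from the online scanner that was installed between the two scans.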
Banhurle > Utilisateur anonyme - 14 March 2006 at 09:26
I re-ran Hijack and removed O4 - HKLM\..\Run: [opmjmj] C:\WINDOWS\opmjmj.exe
However, the file in question cannot be found on c:\
I'm at work right now; I'll look again this evening and run BitDefender, as I didn't have time this morning.
Thanks again for your help, I'll keep you posted.
Dominique
Utilisateur anonyme > Banhurle - 14 March 2006 at 09:33
OK, no problem ;-)
Good luck
Banhurle - 14 March 2006 at 09:35
Do you know this software?
http://www.scanforfree.com/paretologic-xoftspy/
Banhurle - 14 March 2006 at 18:49
Here is the log:
BitDefender Online Scanner
Scan report generated at: Tue, Mar 14, 2006 - 18:34:10
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time: 01:56:52
Files: 904383
Folders: 6421
Boot Sectors: 2
Archives: 4182
Packed Files: 121407
Results
Identified Viruses: 19
Infected Files: 34
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 44
Engines Info
Virus Definitions: 319551
Engine build: AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins: 13
Archive plugins: 39
Unpack plugins: 4
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File / Status
C:\Program Files\Norton AntiVirus\Quarantine\05796CAE=>(Quarantine-2)
Detected with: Adware.Gator.B
C:\Program Files\Norton AntiVirus\Quarantine\05796CAE=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\057C16AA=>(Quarantine-2)
Detected with: Adware.Gator.B
C:\Program Files\Norton AntiVirus\Quarantine\057C16AA=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\057F40A7=>(Quarantine-2)
Infected with: Trojan.Dialer.BI
C:\Program Files\Norton AntiVirus\Quarantine\057F40A7=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\057F40A7=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\05826AA3=>(Quarantine-2)
Infected with: Trojan.Downloader.Wintrim.CD
C:\Program Files\Norton AntiVirus\Quarantine\05826AA3=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2AAF747F=>(Quarantine-2)
Infected with: Trojan.Wintrim.DLL
C:\Program Files\Norton AntiVirus\Quarantine\2AAF747F=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2AAF747F=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\45D9659C.exe=>(Quarantine-2)
Infected with: Trojan.Dropper.Small.PV
C:\Program Files\Norton AntiVirus\Quarantine\45D9659C.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4B6876C0
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\4B6876C0
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4B906E95
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\4B906E95
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\50905745
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\50905745
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\50D94C8E.exe=>(Quarantine-2)
Infected with: Backdoor.Agobot.3.KS.Dam
C:\Program Files\Norton AntiVirus\Quarantine\50D94C8E.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\510868C0
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\510868C0
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\562271BF
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\562271BF
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\59C508C6
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\59C508C6
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\5A1A4C68
Infected with: Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\5A1A4C68
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\5EB77FF9=>(Quarantine-2)
Infected with: Trojan.Downloader.Dyfuca.DN
C:\Program Files\Norton AntiVirus\Quarantine\5EB77FF9=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5EB77FF9=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\647C7640
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\647C7640
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\689F7B57=>(Quarantine-2)
Infected with: Trojan.Wintrim.DLL
C:\Program Files\Norton AntiVirus\Quarantine\689F7B57=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\689F7B57=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6A641932
Infected with: Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\6A641932
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\7CF74AD6=>(Quarantine-2)
Infected with: Trojan.Downloader.Dyfuca.DN
C:\Program Files\Norton AntiVirus\Quarantine\7CF74AD6=>(Quarantine-2)
Deleted
C:\Program Files\Wanadoo\dominique.tallon\eMule0.30e\rra2.exe
Infected with: Trojan.Downloader.Vb.GY
C:\Program Files\Wanadoo\dominique.tallon\eMule0.30e\rra2.exe
Disinfection failed
C:\Program Files\Wanadoo\dominique.tallon\eMule0.30e\rra2.exe
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP559\A0281859.dll
Infected with: Trojan.Spy.Mslagent.A
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP559\A0281859.dll
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP559\A0281859.dll
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290271.exe
Infected with: Trojan.Dyfuca.52104.B
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290271.exe
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290271.exe
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290272.exe
Infected with: Trojan.Dyfuca.52104.B
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290272.exe
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290272.exe
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290273.ocx
Infected with: Trojan.Downloader.VB.R
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290273.ocx
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP576\A0290273.ocx
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292805.exe=>(ZIP Sfx o)=>rra2.exe
Infected with: Trojan.Downloader.Vb.GY
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292805.exe=>(ZIP Sfx o)=>rra2.exe
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292805.exe=>(ZIP Sfx o)=>rra2.exe
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292805.exe=>(ZIP Sfx o)
Updated
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292805.exe
Update failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292806.exe=>(ZIP Sfx o)=>mmwork.exe
Infected with: Trojan.Downloader.VB.DF2
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292806.exe=>(ZIP Sfx o)=>mmwork.exe
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292806.exe=>(ZIP Sfx o)=>mmwork.exe
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292806.exe=>(ZIP Sfx o)
Updated
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292806.exe
Update failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292807.exe=>(ZIP Sfx o)=>rra2.exe
Infected with: Trojan.Downloader.Vb.GY
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292807.exe=>(ZIP Sfx o)=>rra2.exe
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292807.exe=>(ZIP Sfx o)=>rra2.exe
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292807.exe=>(ZIP Sfx o)
Updated
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292807.exe
Update failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292809.exe
Infected with: Trojan.Downloader.Vb.GY
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292809.exe
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0292809.exe
Deleted
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0293057.exe
Infected with: Trojan.LowZones.CD
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0293057.exe
Disinfection failed
C:\System Volume Information\_restore{BCAE6C3F-02DA-43FB-9B05-91249E249FBA}\RP585\A0293057.exe
Deleted
C:\WINDOWS\Downloaded Program Files\ATPartners.inf
Infected with: Trojan.Downloader.Rameh.C
C:\WINDOWS\Downloaded Program Files\ATPartners.inf
Disinfection failed
C:\WINDOWS\Downloaded Program Files\ATPartners.inf
Deleted
C:\WINDOWS\eeedo.exe=>(RAR Sfx o)=>eee2.exe
Infected with: Trojan.LowZones.CD
C:\WINDOWS\eeedo.exe=>(RAR Sfx o)=>eee2.exe
Disinfection failed
C:\WINDOWS\eeedo.exe=>(RAR Sfx o)=>eee2.exe
Deleted
C:\WINDOWS\eeedo.exe=>(RAR Sfx o)
Update failed
C:\WINDOWS\surv3.exe
Infected with: Trojan.Downloader.Vb.VV
C:\WINDOWS\surv3.exe
Disinfection failed
C:\WINDOWS\surv3.exe
Deleted
C:\WINDOWS\system32\EGAUTH.dll
Infected with: Trojan.P2e.AL
C:\WINDOWS\system32\EGAUTH.dll
Disinfection failed
C:\WINDOWS\system32\EGAUTH.dll
Deleted
C:\WINDOWS\system32\thinInstWRDV63ez.dll
Infected with: Trojan.Dropper.Small.OP
C:\WINDOWS\system32\thinInstWRDV63ez.dll
Disinfection failed
C:\WINDOWS\system32\thinInstWRDV63ez.dll
Deleted
Banhurle - 14 March 2006 at 19:13
And a little Hijack log for the road:
Logfile of HijackThis v1.99.1
Scan saved at 19:12:58, on 14/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.5.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\fr\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe