Cheval de Troie : De l'aide !! - Page 2
Résolu
Précédent
- 1
- 2
- 3
Suivant
Salut,
bon we j'espère
voici le rapport de Vundo (je l'ai lancé 2 fois) :
VundoFix V6.2.1
Checking Java version...
Sun Java not detected
Scan started at 20:42:41 09/10/2006
Listing files found while scanning....
C:\WINNT\system32\ffulilkk.dll
C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\hhwutdwv.dll
C:\WINNT\system32\qoxoneqg.dll
C:\WINNT\system32\tvsgkipe.dll
C:\WINNT\system32\umbembxy.dll
C:\WINNT\system32\yqlpeygw.exe
C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
Beginning removal...
Attempting to delete C:\WINNT\system32\ffulilkk.dll
C:\WINNT\system32\ffulilkk.dll Has been deleted!
Attempting to delete C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\gebyy.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.ini Has been deleted!
Attempting to delete C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak1 Has been deleted!
Attempting to delete C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\yybeg.bak2 Has been deleted!
Attempting to delete C:\WINNT\system32\hhwutdwv.dll
C:\WINNT\system32\hhwutdwv.dll Has been deleted!
Attempting to delete C:\WINNT\system32\qoxoneqg.dll
C:\WINNT\system32\qoxoneqg.dll Has been deleted!
Attempting to delete C:\WINNT\system32\tvsgkipe.dll
C:\WINNT\system32\tvsgkipe.dll Has been deleted!
Attempting to delete C:\WINNT\system32\umbembxy.dll
C:\WINNT\system32\umbembxy.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yqlpeygw.exe
C:\WINNT\system32\yqlpeygw.exe Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.2.1
Checking Java version...
Sun Java not detected
Scan started at 20:48:03 09/10/2006
Listing files found while scanning....
No infected files were found.
Beginning removal...
Celui de HijackThis :
Logfile of HijackThis v1.99.1
Scan saved at 20:56:00, on 09/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Incredimail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\scan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\WINNT\system32\92861357.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - C:\WINNT\system32\gebyy.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINNT\system32\msqgbcal.dll (file missing)
O2 - BHO: (no name) - {D12CF65C-9EF6-44F2-A475-B727085FD7CC} - C:\WINNT\system32\pmnlmjh.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: pmnlmjh - C:\WINNT\SYSTEM32\pmnlmjh.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Bonne soirée
Claire
bon we j'espère
voici le rapport de Vundo (je l'ai lancé 2 fois) :
VundoFix V6.2.1
Checking Java version...
Sun Java not detected
Scan started at 20:42:41 09/10/2006
Listing files found while scanning....
C:\WINNT\system32\ffulilkk.dll
C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\hhwutdwv.dll
C:\WINNT\system32\qoxoneqg.dll
C:\WINNT\system32\tvsgkipe.dll
C:\WINNT\system32\umbembxy.dll
C:\WINNT\system32\yqlpeygw.exe
C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak2
Beginning removal...
Attempting to delete C:\WINNT\system32\ffulilkk.dll
C:\WINNT\system32\ffulilkk.dll Has been deleted!
Attempting to delete C:\WINNT\system32\gebyy.dll
C:\WINNT\system32\gebyy.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yybeg.ini
C:\WINNT\system32\yybeg.ini Has been deleted!
Attempting to delete C:\WINNT\system32\yybeg.bak1
C:\WINNT\system32\yybeg.bak1 Has been deleted!
Attempting to delete C:\WINNT\system32\yybeg.bak2
C:\WINNT\system32\yybeg.bak2 Has been deleted!
Attempting to delete C:\WINNT\system32\hhwutdwv.dll
C:\WINNT\system32\hhwutdwv.dll Has been deleted!
Attempting to delete C:\WINNT\system32\qoxoneqg.dll
C:\WINNT\system32\qoxoneqg.dll Has been deleted!
Attempting to delete C:\WINNT\system32\tvsgkipe.dll
C:\WINNT\system32\tvsgkipe.dll Has been deleted!
Attempting to delete C:\WINNT\system32\umbembxy.dll
C:\WINNT\system32\umbembxy.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yqlpeygw.exe
C:\WINNT\system32\yqlpeygw.exe Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.2.1
Checking Java version...
Sun Java not detected
Scan started at 20:48:03 09/10/2006
Listing files found while scanning....
No infected files were found.
Beginning removal...
Celui de HijackThis :
Logfile of HijackThis v1.99.1
Scan saved at 20:56:00, on 09/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Incredimail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\scan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\WINNT\system32\92861357.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - C:\WINNT\system32\gebyy.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - C:\WINNT\system32\msqgbcal.dll (file missing)
O2 - BHO: (no name) - {D12CF65C-9EF6-44F2-A475-B727085FD7CC} - C:\WINNT\system32\pmnlmjh.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: pmnlmjh - C:\WINNT\SYSTEM32\pmnlmjh.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Bonne soirée
Claire
Salut,
j'espère que tu ne nous as pas oublié car il reste encore quelques chevaux.
Merci de ton aide.
(Le message est passé en résolu : est-ce normal ?)
Bonne journée.
j'espère que tu ne nous as pas oublié car il reste encore quelques chevaux.
Merci de ton aide.
(Le message est passé en résolu : est-ce normal ?)
Bonne journée.
voilà
Logfile of HijackThis v1.99.1
Scan saved at 19:59:38, on 14/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\scan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O20 - Winlogon Notify: ssqpm - C:\WINNT\system32\ssqpm.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Merci
Bonne soirée
Logfile of HijackThis v1.99.1
Scan saved at 19:59:38, on 14/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\scan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O20 - Winlogon Notify: ssqpm - C:\WINNT\system32\ssqpm.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Merci
Bonne soirée
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici le rapport mais juste avant de demander de rebooter il me dit qu'il est impossible d'ouvrir Vundo....reg.
(je l'ai fait 3 fois)
Sun Java not detected
Scan started at 20:15:52 14/10/2006
Listing files found while scanning....
C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\mpqss.ini
C:\WINNT\system32\mpqss.bak1
C:\WINNT\system32\mpqss.bak2
Beginning removal...
Attempting to delete C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\ssqpm.dll Has been deleted!
Attempting to delete C:\WINNT\system32\mpqss.ini
C:\WINNT\system32\mpqss.ini Has been deleted!
Attempting to delete C:\WINNT\system32\mpqss.bak1
C:\WINNT\system32\mpqss.bak1 Has been deleted!
Attempting to delete C:\WINNT\system32\mpqss.bak2
C:\WINNT\system32\mpqss.bak2 Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.2.2
Checking Java version...
Sun Java not detected
Scan started at 20:21:36 14/10/2006
Listing files found while scanning....
C:\WINNT\system32\byxxxvv.dll
C:\WINNT\system32\cbxvuro.dll
C:\WINNT\system32\cbxwwtu.dll
C:\WINNT\system32\ddccyxv.dll
C:\WINNT\system32\efcawwu.dll
C:\WINNT\system32\efccdaa.dll
C:\WINNT\system32\efcdded.dll
C:\WINNT\system32\efcywxx.dll
C:\WINNT\system32\gebbccd.dll
C:\WINNT\system32\hggddee.dll
C:\WINNT\system32\hggeedc.dll
C:\WINNT\system32\hggfeee.dll
C:\WINNT\system32\hgggdab.dll
C:\WINNT\system32\iifdeff.dll
C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\jkkkkkl.dll
C:\WINNT\system32\khfcayx.dll
C:\WINNT\system32\khffdby.dll
C:\WINNT\system32\khfgfda.dll
C:\WINNT\system32\ljjihed.dll
C:\WINNT\system32\ljjklii.dll
C:\WINNT\system32\nnnkjij.dll
C:\WINNT\system32\nnnomnk.dll
C:\WINNT\system32\opnkkll.dll
C:\WINNT\system32\opnljjh.dll
C:\WINNT\system32\opnllml.dll
C:\WINNT\system32\pmnkhee.dll
C:\WINNT\system32\pmnlmjh.dll
C:\WINNT\system32\pmnmmli.dll
C:\WINNT\system32\qomklmn.dll
C:\WINNT\system32\qommjjh.dll
C:\WINNT\system32\rqrpmli.dll
C:\WINNT\system32\rqrqnnn.dll
C:\WINNT\system32\ssqrqpq.dll
C:\WINNT\system32\tuvuspo.dll
C:\WINNT\system32\urqolmm.dll
C:\WINNT\system32\vtutstt.dll
C:\WINNT\system32\wvurqpo.dll
C:\WINNT\system32\xxyxuvu.dll
C:\WINNT\system32\yayaxvw.dll
C:\WINNT\system32\yayvvwt.dll
Beginning removal...
Attempting to delete C:\WINNT\system32\byxxxvv.dll
C:\WINNT\system32\byxxxvv.dll Has been deleted!
Attempting to delete C:\WINNT\system32\cbxvuro.dll
C:\WINNT\system32\cbxvuro.dll Has been deleted!
Attempting to delete C:\WINNT\system32\cbxwwtu.dll
C:\WINNT\system32\cbxwwtu.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ddccyxv.dll
C:\WINNT\system32\ddccyxv.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efcawwu.dll
C:\WINNT\system32\efcawwu.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efccdaa.dll
C:\WINNT\system32\efccdaa.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efcdded.dll
C:\WINNT\system32\efcdded.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efcywxx.dll
C:\WINNT\system32\efcywxx.dll Has been deleted!
Attempting to delete C:\WINNT\system32\gebbccd.dll
C:\WINNT\system32\gebbccd.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hggddee.dll
C:\WINNT\system32\hggddee.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hggeedc.dll
C:\WINNT\system32\hggeedc.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hggfeee.dll
C:\WINNT\system32\hggfeee.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hgggdab.dll
C:\WINNT\system32\hgggdab.dll Has been deleted!
Attempting to delete C:\WINNT\system32\iifdeff.dll
C:\WINNT\system32\iifdeff.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\ikfnipus.dll Has been deleted!
Attempting to delete C:\WINNT\system32\jkkkkkl.dll
C:\WINNT\system32\jkkkkkl.dll Has been deleted!
Attempting to delete C:\WINNT\system32\khfcayx.dll
C:\WINNT\system32\khfcayx.dll Has been deleted!
Attempting to delete C:\WINNT\system32\khffdby.dll
C:\WINNT\system32\khffdby.dll Has been deleted!
Attempting to delete C:\WINNT\system32\khfgfda.dll
C:\WINNT\system32\khfgfda.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ljjihed.dll
C:\WINNT\system32\ljjihed.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ljjklii.dll
C:\WINNT\system32\ljjklii.dll Has been deleted!
Attempting to delete C:\WINNT\system32\nnnkjij.dll
C:\WINNT\system32\nnnkjij.dll Has been deleted!
Attempting to delete C:\WINNT\system32\nnnomnk.dll
C:\WINNT\system32\nnnomnk.dll Has been deleted!
Attempting to delete C:\WINNT\system32\opnkkll.dll
C:\WINNT\system32\opnkkll.dll Has been deleted!
Attempting to delete C:\WINNT\system32\opnljjh.dll
C:\WINNT\system32\opnljjh.dll Has been deleted!
Attempting to delete C:\WINNT\system32\opnllml.dll
C:\WINNT\system32\opnllml.dll Has been deleted!
Attempting to delete C:\WINNT\system32\pmnkhee.dll
C:\WINNT\system32\pmnkhee.dll Has been deleted!
Attempting to delete C:\WINNT\system32\pmnlmjh.dll
C:\WINNT\system32\pmnlmjh.dll Has been deleted!
Attempting to delete C:\WINNT\system32\pmnmmli.dll
C:\WINNT\system32\pmnmmli.dll Has been deleted!
Attempting to delete C:\WINNT\system32\qomklmn.dll
C:\WINNT\system32\qomklmn.dll Has been deleted!
Attempting to delete C:\WINNT\system32\qommjjh.dll
C:\WINNT\system32\qommjjh.dll Has been deleted!
Attempting to delete C:\WINNT\system32\rqrpmli.dll
C:\WINNT\system32\rqrpmli.dll Has been deleted!
Attempting to delete C:\WINNT\system32\rqrqnnn.dll
C:\WINNT\system32\rqrqnnn.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ssqrqpq.dll
C:\WINNT\system32\ssqrqpq.dll Has been deleted!
Attempting to delete C:\WINNT\system32\tuvuspo.dll
C:\WINNT\system32\tuvuspo.dll Has been deleted!
Attempting to delete C:\WINNT\system32\urqolmm.dll
C:\WINNT\system32\urqolmm.dll Has been deleted!
Attempting to delete C:\WINNT\system32\vtutstt.dll
C:\WINNT\system32\vtutstt.dll Has been deleted!
Attempting to delete C:\WINNT\system32\wvurqpo.dll
C:\WINNT\system32\wvurqpo.dll Has been deleted!
Attempting to delete C:\WINNT\system32\xxyxuvu.dll
C:\WINNT\system32\xxyxuvu.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yayaxvw.dll
C:\WINNT\system32\yayaxvw.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yayvvwt.dll
C:\WINNT\system32\yayvvwt.dll Has been deleted!
Performing Repairs to the registry.
Done!
Sun Java not detected
Scan started at 20:27:55 14/10/2006
Listing files found while scanning....
No infected files were found.
(je l'ai fait 3 fois)
Sun Java not detected
Scan started at 20:15:52 14/10/2006
Listing files found while scanning....
C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\mpqss.ini
C:\WINNT\system32\mpqss.bak1
C:\WINNT\system32\mpqss.bak2
Beginning removal...
Attempting to delete C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\ssqpm.dll Has been deleted!
Attempting to delete C:\WINNT\system32\mpqss.ini
C:\WINNT\system32\mpqss.ini Has been deleted!
Attempting to delete C:\WINNT\system32\mpqss.bak1
C:\WINNT\system32\mpqss.bak1 Has been deleted!
Attempting to delete C:\WINNT\system32\mpqss.bak2
C:\WINNT\system32\mpqss.bak2 Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.2.2
Checking Java version...
Sun Java not detected
Scan started at 20:21:36 14/10/2006
Listing files found while scanning....
C:\WINNT\system32\byxxxvv.dll
C:\WINNT\system32\cbxvuro.dll
C:\WINNT\system32\cbxwwtu.dll
C:\WINNT\system32\ddccyxv.dll
C:\WINNT\system32\efcawwu.dll
C:\WINNT\system32\efccdaa.dll
C:\WINNT\system32\efcdded.dll
C:\WINNT\system32\efcywxx.dll
C:\WINNT\system32\gebbccd.dll
C:\WINNT\system32\hggddee.dll
C:\WINNT\system32\hggeedc.dll
C:\WINNT\system32\hggfeee.dll
C:\WINNT\system32\hgggdab.dll
C:\WINNT\system32\iifdeff.dll
C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\jkkkkkl.dll
C:\WINNT\system32\khfcayx.dll
C:\WINNT\system32\khffdby.dll
C:\WINNT\system32\khfgfda.dll
C:\WINNT\system32\ljjihed.dll
C:\WINNT\system32\ljjklii.dll
C:\WINNT\system32\nnnkjij.dll
C:\WINNT\system32\nnnomnk.dll
C:\WINNT\system32\opnkkll.dll
C:\WINNT\system32\opnljjh.dll
C:\WINNT\system32\opnllml.dll
C:\WINNT\system32\pmnkhee.dll
C:\WINNT\system32\pmnlmjh.dll
C:\WINNT\system32\pmnmmli.dll
C:\WINNT\system32\qomklmn.dll
C:\WINNT\system32\qommjjh.dll
C:\WINNT\system32\rqrpmli.dll
C:\WINNT\system32\rqrqnnn.dll
C:\WINNT\system32\ssqrqpq.dll
C:\WINNT\system32\tuvuspo.dll
C:\WINNT\system32\urqolmm.dll
C:\WINNT\system32\vtutstt.dll
C:\WINNT\system32\wvurqpo.dll
C:\WINNT\system32\xxyxuvu.dll
C:\WINNT\system32\yayaxvw.dll
C:\WINNT\system32\yayvvwt.dll
Beginning removal...
Attempting to delete C:\WINNT\system32\byxxxvv.dll
C:\WINNT\system32\byxxxvv.dll Has been deleted!
Attempting to delete C:\WINNT\system32\cbxvuro.dll
C:\WINNT\system32\cbxvuro.dll Has been deleted!
Attempting to delete C:\WINNT\system32\cbxwwtu.dll
C:\WINNT\system32\cbxwwtu.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ddccyxv.dll
C:\WINNT\system32\ddccyxv.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efcawwu.dll
C:\WINNT\system32\efcawwu.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efccdaa.dll
C:\WINNT\system32\efccdaa.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efcdded.dll
C:\WINNT\system32\efcdded.dll Has been deleted!
Attempting to delete C:\WINNT\system32\efcywxx.dll
C:\WINNT\system32\efcywxx.dll Has been deleted!
Attempting to delete C:\WINNT\system32\gebbccd.dll
C:\WINNT\system32\gebbccd.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hggddee.dll
C:\WINNT\system32\hggddee.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hggeedc.dll
C:\WINNT\system32\hggeedc.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hggfeee.dll
C:\WINNT\system32\hggfeee.dll Has been deleted!
Attempting to delete C:\WINNT\system32\hgggdab.dll
C:\WINNT\system32\hgggdab.dll Has been deleted!
Attempting to delete C:\WINNT\system32\iifdeff.dll
C:\WINNT\system32\iifdeff.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\ikfnipus.dll Has been deleted!
Attempting to delete C:\WINNT\system32\jkkkkkl.dll
C:\WINNT\system32\jkkkkkl.dll Has been deleted!
Attempting to delete C:\WINNT\system32\khfcayx.dll
C:\WINNT\system32\khfcayx.dll Has been deleted!
Attempting to delete C:\WINNT\system32\khffdby.dll
C:\WINNT\system32\khffdby.dll Has been deleted!
Attempting to delete C:\WINNT\system32\khfgfda.dll
C:\WINNT\system32\khfgfda.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ljjihed.dll
C:\WINNT\system32\ljjihed.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ljjklii.dll
C:\WINNT\system32\ljjklii.dll Has been deleted!
Attempting to delete C:\WINNT\system32\nnnkjij.dll
C:\WINNT\system32\nnnkjij.dll Has been deleted!
Attempting to delete C:\WINNT\system32\nnnomnk.dll
C:\WINNT\system32\nnnomnk.dll Has been deleted!
Attempting to delete C:\WINNT\system32\opnkkll.dll
C:\WINNT\system32\opnkkll.dll Has been deleted!
Attempting to delete C:\WINNT\system32\opnljjh.dll
C:\WINNT\system32\opnljjh.dll Has been deleted!
Attempting to delete C:\WINNT\system32\opnllml.dll
C:\WINNT\system32\opnllml.dll Has been deleted!
Attempting to delete C:\WINNT\system32\pmnkhee.dll
C:\WINNT\system32\pmnkhee.dll Has been deleted!
Attempting to delete C:\WINNT\system32\pmnlmjh.dll
C:\WINNT\system32\pmnlmjh.dll Has been deleted!
Attempting to delete C:\WINNT\system32\pmnmmli.dll
C:\WINNT\system32\pmnmmli.dll Has been deleted!
Attempting to delete C:\WINNT\system32\qomklmn.dll
C:\WINNT\system32\qomklmn.dll Has been deleted!
Attempting to delete C:\WINNT\system32\qommjjh.dll
C:\WINNT\system32\qommjjh.dll Has been deleted!
Attempting to delete C:\WINNT\system32\rqrpmli.dll
C:\WINNT\system32\rqrpmli.dll Has been deleted!
Attempting to delete C:\WINNT\system32\rqrqnnn.dll
C:\WINNT\system32\rqrqnnn.dll Has been deleted!
Attempting to delete C:\WINNT\system32\ssqrqpq.dll
C:\WINNT\system32\ssqrqpq.dll Has been deleted!
Attempting to delete C:\WINNT\system32\tuvuspo.dll
C:\WINNT\system32\tuvuspo.dll Has been deleted!
Attempting to delete C:\WINNT\system32\urqolmm.dll
C:\WINNT\system32\urqolmm.dll Has been deleted!
Attempting to delete C:\WINNT\system32\vtutstt.dll
C:\WINNT\system32\vtutstt.dll Has been deleted!
Attempting to delete C:\WINNT\system32\wvurqpo.dll
C:\WINNT\system32\wvurqpo.dll Has been deleted!
Attempting to delete C:\WINNT\system32\xxyxuvu.dll
C:\WINNT\system32\xxyxuvu.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yayaxvw.dll
C:\WINNT\system32\yayaxvw.dll Has been deleted!
Attempting to delete C:\WINNT\system32\yayvvwt.dll
C:\WINNT\system32\yayvvwt.dll Has been deleted!
Performing Repairs to the registry.
Done!
Sun Java not detected
Scan started at 20:27:55 14/10/2006
Listing files found while scanning....
No infected files were found.
Logfile of HijackThis v1.99.1
Scan saved at 00:23:21, on 15/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Hijackthis\scan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Scan saved at 00:23:21, on 15/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INCRED~1\bin\IncMail.exe
C:\Program Files\Hijackthis\scan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Relance Hijack , choisi « do a scan only » coches ces lignes :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll (file missing)
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Ensuite cliques sur « fix checked ».
=====================================
recherche et supprime si présent ces fichiers en gras :
C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\enj0l11m1.dll
C:\WINNT\csrss.exe
dev.exe
====================================
Arrête ce service Microsoft Languages Service pour ça fais cette manip :
Démarrer -> executer tape services.msc clic droit sur le service cité - > propriétés et dans "type de démarrage" et mets le sur « arrêté « et « désactivé ».
et met celui là ewido anti-spyware 4.0 guard sur "manuel".
Vide ta corbeille, redémarre ton PC installe ce parefeu :
Kério (pare feu):
www.01net.com
lire le tuto: pour configurer et comprendre Kerio
https://kerio.probb.fr/
Renomme Hijack comme à l'origine et dis moi ou en sont tes probs.
a+
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
O2 - BHO: (no name) - {14D1A72D-8705-11D8-B120-0040F46CB696} - (no file)
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - C:\WINNT\system32\ikfnipus.dll (file missing)
O2 - BHO: (no name) - {35D719C4-7879-4BF1-A73B-AF222DD16C30} - (no file)
O2 - BHO: (no name) - {BC0FA29E-09DF-453C-A610-32109430EFDC} - C:\WINNT\system32\ssqpm.dll (file missing)
O4 - HKLM\..\RunServices: [Windows APCI Verifier] dev.exe
O20 - Winlogon Notify: Run - C:\WINNT\system32\enj0l11m1.dll (file missing)
O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINNT\csrss.exe (file missing)
Ensuite cliques sur « fix checked ».
=====================================
recherche et supprime si présent ces fichiers en gras :
C:\WINNT\system32\ikfnipus.dll
C:\WINNT\system32\ssqpm.dll
C:\WINNT\system32\enj0l11m1.dll
C:\WINNT\csrss.exe
dev.exe
====================================
Arrête ce service Microsoft Languages Service pour ça fais cette manip :
Démarrer -> executer tape services.msc clic droit sur le service cité - > propriétés et dans "type de démarrage" et mets le sur « arrêté « et « désactivé ».
et met celui là ewido anti-spyware 4.0 guard sur "manuel".
Vide ta corbeille, redémarre ton PC installe ce parefeu :
Kério (pare feu):
www.01net.com
lire le tuto: pour configurer et comprendre Kerio
https://kerio.probb.fr/
Renomme Hijack comme à l'origine et dis moi ou en sont tes probs.
a+
On a trois fois un message de Trojan Scanner au démarrage concernant : "sockspy.dll"
dans hkey_local_machine\software\microsoft\windowsNT\currentVersion\Windows\"Applnit_DLLs"
Et le rapport Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 15:38:49, on 15/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Incredimail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\hijackthis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
dans hkey_local_machine\software\microsoft\windowsNT\currentVersion\Windows\"Applnit_DLLs"
Et le rapport Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 15:38:49, on 15/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Incredimail\bin\IncMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\hijackthis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
Apparemment tu n'as plus Bitdefender donc tu peux supprimer la dll qui en fait partie c'est à dire sockspy.dll
Donc relance Hijack et fixe cette ligne :
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
recherche et supprimes la dll (sockspy.dll ) et ça devrait le faire .
Vide ta poubelle , redémarre tono PC et dis moi ou en sont tes probs.
a+
Donc relance Hijack et fixe cette ligne :
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
recherche et supprimes la dll (sockspy.dll ) et ça devrait le faire .
Vide ta poubelle , redémarre tono PC et dis moi ou en sont tes probs.
a+
Salut,
plus de cheval à l'horizon
voici log hijack
Logfile of HijackThis v1.99.1
Scan saved at 19:42:41, on 16/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Hijackthis\hijackthis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
Encore une question : comment remettre les mises à jour automatiques (Windows) car tous dans la fenêtre est masquée.
Merci encore.
Bonne soirée.
plus de cheval à l'horizon
voici log hijack
Logfile of HijackThis v1.99.1
Scan saved at 19:42:41, on 16/10/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\mobsync.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Hijackthis\hijackthis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
Encore une question : comment remettre les mises à jour automatiques (Windows) car tous dans la fenêtre est masquée.
Merci encore.
Bonne soirée.
Ok bien ça m'a l'air clean :)
Mets ce service:
ewido anti-spyware 4.0 guard
sur "manuel" pour ça fais ceci :
Démarrer ->executer ->tape service.msc fais un clic droit sur le service cité -> propriété et dans type de démarrage mets le sur "manuel".
Encore une question : comment remettre les mises à jour automatiques (Windows) car tous dans la fenêtre est masquée.
Quelle fenêtres ?
Démarrer - > panneau de config (en affichage classique) -> mise à jour automatiques et là tu choisis le choix que tu veux.
A lire pour en savoir + ;-) :
support.microsoft.com/kb/327850/
a+
Mets ce service:
ewido anti-spyware 4.0 guard
sur "manuel" pour ça fais ceci :
Démarrer ->executer ->tape service.msc fais un clic droit sur le service cité -> propriété et dans type de démarrage mets le sur "manuel".
Encore une question : comment remettre les mises à jour automatiques (Windows) car tous dans la fenêtre est masquée.
Quelle fenêtres ?
Démarrer - > panneau de config (en affichage classique) -> mise à jour automatiques et là tu choisis le choix que tu veux.
A lire pour en savoir + ;-) :
support.microsoft.com/kb/327850/
a+
Salut,
désolée de ne pas avoir répondu plus tot.
Merci pour tes conseils
Concernant les mises à jour automatique, le pb est justement que ce dont tu me parles est tout grisé donc pas de choix possible.
D'aiileurs ce service est absent de services.msc.
Bon fin de we.
Claire
désolée de ne pas avoir répondu plus tot.
Merci pour tes conseils
Concernant les mises à jour automatique, le pb est justement que ce dont tu me parles est tout grisé donc pas de choix possible.
D'aiileurs ce service est absent de services.msc.
Bon fin de we.
Claire
fais cette vérif :
Démarrer -> panneau de config (en affichage classique) -> Outils d'administration > Services > Mise A Jour automatique > l'état est bien "démarré" et type de démarrage sur "automatique"..
a+
Démarrer -> panneau de config (en affichage classique) -> Outils d'administration > Services > Mise A Jour automatique > l'état est bien "démarré" et type de démarrage sur "automatique"..
a+
Fais ceci pour vérif dans ta base de registre :
démarrer -> executer -> tape regedit
Suis la branche de la base (BDR) :
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv
Modifier la valeur DWORD : Start
Valeur : 4 <--- mise à jour désactivé
Valeur : 3 <--- mise à jour en manuel
Valeur : 2 <--- mise à jour en auto
Si la valeur chez toi est sur 4 mets la sur 2 (ou 3 comme tu veux) et redémarre ton PC pour que la modif prenne effet.
a +
démarrer -> executer -> tape regedit
Suis la branche de la base (BDR) :
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv
Modifier la valeur DWORD : Start
Valeur : 4 <--- mise à jour désactivé
Valeur : 3 <--- mise à jour en manuel
Valeur : 2 <--- mise à jour en auto
Si la valeur chez toi est sur 4 mets la sur 2 (ou 3 comme tu veux) et redémarre ton PC pour que la modif prenne effet.
a +
Précédent
- 1
- 2
- 3
Suivant
