Virus W32.Myzor.FK@yf

feleex -  
 feleex -
Bonjour à tous
Mon PC est actuellement infecté par le virus W32.Myzor.FK@yf
Mon systeme d'exploitation est Windows XP. J'ai suivi la longue démarche conseillée par Ingognito02 et j'envoie pour finaliser tout ça le raport de hijackthis
Merci de m'aider à solutionner ce problème très lourd pour le néophite que je suis!
Feleex

Logfile of HijackThis v1.99.1
Scan saved at 19:03:31, on 05/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\MediaCodec\isamonitor.exe
C:\Program Files\MediaCodec\isamini.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\MediaCodec\pmsngr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MediaCodec\pmmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\SpywareBot\SpywareBot.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\FRANCOIS\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\MediaCodec\isaddon.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Protection Bar - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - C:\Program Files\MediaCodec\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [NI.UWA6PV_0001_N91M2107] "C:\documents and settings\francois\application data\winantiviruspro2006freeinstall_fr[1].exe" -nag
O4 - HKLM\..\Run: [spywarebot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: horologium - {7be183d2-a42d-4915-bf60-ec86fbf002cf} - C:\WINDOWS\system32\httge.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

10 réponses

  1. Utilisateur anonyme
     
    Salut,

    encore là ?

    Fait ce nettoyage: (à faire réguliérement)

    ¤Telecharges et installes ceci:
    CCleaner:
    Ccleaner

    dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
    Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

    ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

    Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici avec un nouveau rapport hijackthis
    Ewido: (reste gratuit après la période d'essai)
    Ewido

    0
    1. feleex
       
      Merci de ta réponse voici les 2 rapports ewido et hijackthis


      ewido anti-spyware - Scan Report
      ---------------------------------------------------------

      + Created at: 08:29:28 07/10/2006

      + Scan result:



      HKU\S-1-5-21-1730415981-4214988426-1634287097-1006\Software\Internet Security -> Adware.IntCodec : Cleaned.


      ::Report end

      Logfile of HijackThis v1.99.1
      Scan saved at 08:32:49, on 07/10/2006
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\Program Files\ewido anti-spyware 4.0\guard.exe
      c:\program files\mcafee.com\agent\mcdetect.exe
      c:\PROGRA~1\mcafee.com\vso\mcshield.exe
      c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
      c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
      c:\program files\mcafee.com\vso\mcvsshld.exe
      c:\program files\mcafee.com\agent\mcagent.exe
      c:\progra~1\mcafee.com\vso\mcvsescn.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
      C:\Program Files\MediaCodec\isamonitor.exe
      C:\Program Files\MediaCodec\pmsngr.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      C:\Program Files\MediaCodec\isamini.exe
      C:\Program Files\MediaCodec\pmmon.exe
      C:\WINDOWS\stsystra.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
      C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
      C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
      C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
      C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
      C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
      C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
      C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
      C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\Program Files\SpywareBot\SpywareBot.exe
      C:\Program Files\ewido anti-spyware 4.0\ewido.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\MSN Messenger\MsnMsgr.Exe
      C:\WINDOWS\system32\dllhost.exe
      C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
      C:\Program Files\Digital Line Detect\DLG.exe
      C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
      c:\progra~1\mcafee.com\vso\mcvsftsn.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Documents and Settings\FRANCOIS\Bureau\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\MediaCodec\isaddon.dll
      O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
      O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
      O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
      O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
      O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
      O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
      O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
      O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
      O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
      O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
      O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
      O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
      O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
      O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
      O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
      O4 - HKLM\..\Run: [spywarebot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
      O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
      O4 - Global Startup: Digital Line Detect.lnk = ?
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
      O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
      O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O21 - SSODL: horologium - {7be183d2-a42d-4915-bf60-ec86fbf002cf} - (no file)
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
      O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
      O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
      O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
      O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
      O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
      O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
      O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
      O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
      O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
      O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
      O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
      O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
      0
  2. Utilisateur anonyme
     
    Salut,

    Clic sur "demarrer", "executer", tape: services.msc ,cherche dans la liste cette ligne, fais un clic droit dessus choisis "propriétés" et régle la sur "désactivé"

    O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\MediaCodec\isaddon.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O21 - SSODL: horologium - {7be183d2-a42d-4915-bf60-ec86fbf002cf} - (no file)

    Télécharge SmitfraudFix (enregistre le sur le "bureau")
    http://siri.urz.free.fr/Fix/SmitfraudFix.zip

    Redémarres le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) et tu choisis le mode sans échec)

    - Ouvre le dossier "SmitfraudFix" et double clic sur "Smitfraudfix.cmd", choisit l 'option 2 et tu réponds oui à tout.

    Copie/colle le rapport sur le forum stp.

    A++
    0
    1. feleex
       
      Salut
      dans "executer" et "service.msc" quelle ligne dois-je desactivé service messenger... ?
      0
    2. feleex
       
      salut boulepate62
      tu vas me prendre pour un sacré boulet mais je n'arrive pas à faire redémarrer en mode sans echec et je n'arrive pas à faire la suite de ce que tu me demandes
      Comment puis je faire
      0
      1. Utilisateur anonyme > feleex
         
        Salut Feleex

        dès que tu as téléchargé SmitFraudFix, tu redémarres ton Pc et dès qu'il s'allume, tu tapotes la touche F8 pleins de fois jusqu'a ce qu'un ecran noir s'affiche et d'ou tu pourra prendre l'option mode snas echec à l'aide des flèches de ton clavier ;-)
        0
  3. Utilisateur anonyme
     
    Salut,

    n'y tiens pas compte fix juste les lignees avec hijackthis
    0
  4. feleex
     
    salut
    j'ai reussi à faire le rapport en mode sans echec mais pas a désactiver ce que tu m avais dis
    SmitFraudFix v2.105

    Rapport fait à 12:37:46,98, 09/10/2006
    Executé à partir de C:\Documents and Settings\FRANCOIS\Bureau\SmitfraudFix\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Fix executé en mode sans echec

    »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

    »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

    »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

    Nettoyage terminé.

    »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Salut,

    Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
    Une fois qu'il a terminé colle le rapport ici stp

    https://www.bitdefender.com/toolbox/
    0
  7. feleex
     
    salut voici le rapport de bitdefender

    Statistics

    Time

    00:36:33

    Files

    306478

    Folders

    3850

    Boot Sectors

    5

    Archives

    3499

    Packed Files

    32175

    Results

    Identified Viruses

    3

    Infected Files

    28

    Suspect Files

    0

    Warnings

    0

    Disinfected

    0

    Deleted Files

    28

    Engines Info

    Virus Definitions

    473816

    Engine build

    AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

    Scan plugins

    13

    Archive plugins

    38

    Unpack plugins

    6

    E-mail plugins

    6

    System plugins

    1

    Scan Settings

    First Action

    Disinfect

    Second Action

    Delete

    Heuristics

    Yes

    Enable Warnings

    Yes

    Scanned Extensions

    *;

    Exclude Extensions

    Scan Emails

    Yes

    Scan Archives

    Yes

    Scan Packed

    Yes

    Scan Files

    Yes

    Scan Boot

    Yes

    Scanned File

    Status

    C:\Program Files\MediaCodec\isaddon.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\Program Files\MediaCodec\isaddon.dll

    Disinfection failed

    C:\Program Files\MediaCodec\isaddon.dll

    Deleted

    C:\Program Files\MediaCodec\isamonitor.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\Program Files\MediaCodec\isamonitor.exe

    Disinfection failed

    C:\Program Files\MediaCodec\isamonitor.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017350.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017350.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017350.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017351.exe

    Infected with: Trojan.Fakealert.DC

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017351.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017351.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017352.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017352.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP30\A0017352.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017367.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017367.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017367.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017368.exe

    Infected with: Trojan.Fakealert.DC

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017368.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017368.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017369.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017369.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017369.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017589.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017589.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017589.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017590.exe

    Infected with: Trojan.Fakealert.DC

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017590.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017590.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017591.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017591.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017591.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017915.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017915.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017915.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017916.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017916.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017916.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017917.exe

    Infected with: Trojan.Fakealert.DC

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017917.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017917.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017943.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017943.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017943.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017944.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017944.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017944.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017945.exe

    Infected with: Trojan.Fakealert.DC

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017945.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017945.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017960.exe

    Infected with: Trojan.Fakealert.DC

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017960.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017960.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017961.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017961.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017961.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017962.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017962.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017962.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017973.exe

    Infected with: Trojan.Downloader.Zlob.ZL

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017973.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017973.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017978.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017978.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017978.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017998.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017998.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0017998.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018005.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018005.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018005.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018006.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018006.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018006.exe

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018020.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018020.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018020.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018067.dll

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018067.dll

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018067.dll

    Deleted

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018068.exe

    Infected with: Trojan.Downloader.Zlob.ZM

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018068.exe

    Disinfection failed

    C:\System Volume Information\_restore{C75D780B-5CD4-494E-AB96-5DA2A6677439}\RP31\A0018068.exe

    Deleted
    0
  8. Utilisateur anonyme
     
    Salut,

    merci, donc fait ça et remet un rapport hijackthis stp

    Alors ceci; C:\System Volume Information\_restore(voir rapport Bitdefender) indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.

    Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

    ¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
    ¤ decoches la case et clic sur "appliquer" puis "ok".

    Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

    Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
    Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.
    0
  9. feleex
     
    je n'ai pas réussi à créer un point de restauration, le message d'erreur est le suivant: framedyn.dll introuvable

    voici le rapport tt de même
    Logfile of HijackThis v1.99.1
    Scan saved at 22:16:17, on 09/10/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    c:\program files\mcafee.com\vso\mcvsshld.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\SpywareBot\SpywareBot.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\dllhost.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\FRANCOIS\Bureau\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
    O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
    O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [spywarebot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
    O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
    0
  10. Utilisateur anonyme
     
    Salut,

    ton rapport hijackthis me semble propre

    pour ton problème d'erreur
    télécharge cette dll
    www.dll-files.com/dllindex/dll-files.shtml?framedyn

    et tu la places dans le dossier C:\Windows\Sywtem32\ et C:\Windows\System32\wbem

    redémarre ton ordi et ça devrait fonctionner ;-)

    PS: désinstalle ce programme c'est un rogue(saloprie)
    SpywareBot
    0
  11. feleex
     
    merci pour tout
    j'ai enleve spywarbot mais je n'ai pas reussi à placer framedyn.dll ou tu me l'a dit donc pas de point de restauration
    0