A voir également:
- Pb svchost et besoin d'analyser mon Hijackthi
- Svchost - Guide
- Analyser et réparer disque dur externe - Guide
- Analyser performance pc - Guide
- Analyser un lien internet - Guide
- Analyser un fichier virus - Guide
13 réponses
ben13010
Messages postés
3356
Date d'inscription
vendredi 24 septembre 2004
Statut
Contributeur
Dernière intervention
5 octobre 2012
387
30 oct. 2006 à 23:24
30 oct. 2006 à 23:24
salut
jai l impression que cette entrée est illegitime
O20 - Winlogon Notify: winzoa32 - winzoa32.dll (file missing)
aucun trace sur casltecop en tous cas
je la supprimerai si j'etais toi
bye
jai l impression que cette entrée est illegitime
O20 - Winlogon Notify: winzoa32 - winzoa32.dll (file missing)
aucun trace sur casltecop en tous cas
je la supprimerai si j'etais toi
bye
Personne d'autre peut me l'analyser car en faite au bout d'un moment quand je surf je ne peux plus ouvrir de page et il faut que je redemarre mon ordi.
Merci
Merci
Utilisateur anonyme
31 oct. 2006 à 23:13
31 oct. 2006 à 23:13
Salut,
fait un clic droit sur hijackthis, renommer puis marque:
abcde.exe
Puis remet un rapport hijackthis stp
fait un clic droit sur hijackthis, renommer puis marque:
abcde.exe
Puis remet un rapport hijackthis stp
Logfile of HijackThis v1.99.1
Scan saved at 23:16:58, on 31/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
G:\eMule\emule.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hijackthis Version Française\abcde.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: emule.lnk = G:\eMule\emule.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Pourquoi tu m'as fait renommer le fichier
Scan saved at 23:16:58, on 31/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
G:\eMule\emule.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hijackthis Version Française\abcde.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: emule.lnk = G:\eMule\emule.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Pourquoi tu m'as fait renommer le fichier
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
1 nov. 2006 à 00:11
1 nov. 2006 à 00:11
Rien ne sera supprimé sauf si indiqué
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
je t'ai fait renommer le fichier car des virus peuvent s'y cacher
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
_Online Scanner
_Kaspersky Online Scanner
_My Computer
https://www.kaspersky.fr/downloads
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5746\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
je t'ai fait renommer le fichier car des virus peuvent s'y cacher
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
_Online Scanner
_Kaspersky Online Scanner
_My Computer
https://www.kaspersky.fr/downloads
KASPERSKY ONLINE SCANNER REPORT
Wednesday, November 01, 2006 9:45:39 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 1/11/2006
Kaspersky Anti-Virus database records: 223312
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
Scan Statistics
Total number of scanned objects 83169
Number of viruses found 1
Number of infected objects 2 / 0
Number of suspicious objects 0
Duration of the scan process 01:24:07
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Admin\Application Data\Bitdefender\Desktop\Profiles\asdict.dat Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\cert8.db Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\history.dat Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\key3.db Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\parent.lock Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Admin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\MSHist012006110120061102\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\~DF1822.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Admin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdfirewall.txt Object is locked skipped
C:\Program Files\Softwin\BitDefender10\aspdict.dat Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{FA95D417-9D23-4C40-B958-764472041CE8}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\tmp000073ea\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
G:\eMule\Incoming\Ad-Aware SE Personal Edition Crack and Serial.exe Infected: Trojan-Downloader.Win32.Agent.aht skipped
G:\eMule\Incoming\Norton Ghost 10 Crack and Serial.exe Infected: Trojan-Downloader.Win32.Agent.aht skipped
G:\eMule\Temp\002.part Object is locked skipped
G:\eMule\Temp\006.part Object is locked skipped
G:\eMule\Temp\007.part Object is locked skipped
G:\eMule\Temp\009.part Object is locked skipped
G:\eMule\Temp\011.part Object is locked skipped
G:\eMule\Temp\022.part Object is locked skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Apparemment j'ai des problèmes avec des ,trojans je fais quoi
Wednesday, November 01, 2006 9:45:39 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 1/11/2006
Kaspersky Anti-Virus database records: 223312
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
Scan Statistics
Total number of scanned objects 83169
Number of viruses found 1
Number of infected objects 2 / 0
Number of suspicious objects 0
Duration of the scan process 01:24:07
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Admin\Application Data\Bitdefender\Desktop\Profiles\asdict.dat Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\cert8.db Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\history.dat Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\key3.db Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\parent.lock Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Admin\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Application Data\Mozilla\Firefox\Profiles\tkr8jzfo.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\MSHist012006110120061102\index.dat Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temp\~DF1822.tmp Object is locked skipped
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Admin\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Admin\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdfirewall.txt Object is locked skipped
C:\Program Files\Softwin\BitDefender10\aspdict.dat Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{FA95D417-9D23-4C40-B958-764472041CE8}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\tmp000073ea\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
G:\eMule\Incoming\Ad-Aware SE Personal Edition Crack and Serial.exe Infected: Trojan-Downloader.Win32.Agent.aht skipped
G:\eMule\Incoming\Norton Ghost 10 Crack and Serial.exe Infected: Trojan-Downloader.Win32.Agent.aht skipped
G:\eMule\Temp\002.part Object is locked skipped
G:\eMule\Temp\006.part Object is locked skipped
G:\eMule\Temp\007.part Object is locked skipped
G:\eMule\Temp\009.part Object is locked skipped
G:\eMule\Temp\011.part Object is locked skipped
G:\eMule\Temp\022.part Object is locked skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Apparemment j'ai des problèmes avec des ,trojans je fais quoi
Utilisateur anonyme
1 nov. 2006 à 19:26
1 nov. 2006 à 19:26
Salut,
attention avec le PeerToPeer !
à supprimer car infecté >Ad-Aware SE Personal Edition Crack and Serial.exe
à supprimer car infecté > G:\eMule\Incoming\Norton Ghost 10 Crack and Serial.exe
Ensuite, redémarre ton Pc en mode sans echec puis fait un nettoyage complet avec Ccleaner
Tu me dira ou en est ton problème ;-)
attention avec le PeerToPeer !
à supprimer car infecté >Ad-Aware SE Personal Edition Crack and Serial.exe
à supprimer car infecté > G:\eMule\Incoming\Norton Ghost 10 Crack and Serial.exe
Ensuite, redémarre ton Pc en mode sans echec puis fait un nettoyage complet avec Ccleaner
Tu me dira ou en est ton problème ;-)
Salut,
J'ai toujours le même problème au bout d'un moment impossible de surfer, je peux télécharger mais si je veux changer de page web un redémarrage est obligatoire.
Merci si quelqu'un connait ce symptôme je veux bien de l'aide sinon formatage...
J'ai toujours le même problème au bout d'un moment impossible de surfer, je peux télécharger mais si je veux changer de page web un redémarrage est obligatoire.
Merci si quelqu'un connait ce symptôme je veux bien de l'aide sinon formatage...
Utilisateur anonyme
3 nov. 2006 à 03:57
3 nov. 2006 à 03:57
Salut,
Télécharge SmitfraudFix (enregistre le sur le "bureau")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
décompresse SmitfraudFix
Lance le fichier SmitfraudFix ou SmitfraudFix.cmd et choisis l option 1 copie le rapport ici stp
et
telecharge ça:
http://download.bleepingcomputer.com/sUBs/combofix.exe
appuyes sur "Y" pour continuer
Attends quelques minutes..un rapport va s'ouvrir enregistre son contenu, puis copie et colle le sur ici stp
Télécharge SmitfraudFix (enregistre le sur le "bureau")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
décompresse SmitfraudFix
Lance le fichier SmitfraudFix ou SmitfraudFix.cmd et choisis l option 1 copie le rapport ici stp
et
telecharge ça:
http://download.bleepingcomputer.com/sUBs/combofix.exe
appuyes sur "Y" pour continuer
Attends quelques minutes..un rapport va s'ouvrir enregistre son contenu, puis copie et colle le sur ici stp
Salut,
Voila les copies des rapports:
SmitFraudFix v2.114
Rapport fait à 13:18:16,70, 03/11/2006
Executé à partir de F:\Telechargement\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Admin\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll"
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Admin - 06-11-03 13:21:24,51 Service Pack 2
ComboFix 06.10.19 - Running from: "F:\Telechargement"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe
((((((((((((((((((((((((((((((( Files Created from 2006-10-03 to 2006-11-03 ))))))))))))))))))))))))))))))))))
2006-11-01 19:42 4,608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2006-10-28 01:15 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-28 01:15 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-28 01:15 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-28 01:15 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-27 09:21 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2006-10-27 09:21 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2006-10-27 09:21 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2006-10-25 12:32 164 --a------ C:\WINDOWS\system32\del32.bat
2006-10-25 12:31 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2006-10-13 21:03 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2006-10-08 21:49 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-03 13:23 -------- d-------- C:\Program Files\Fichiers communs
2006-11-03 13:10 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-01 19:47 -------- d-------- C:\Program Files\Norton Ghost
2006-11-01 19:46 -------- d-------- C:\Documents and Settings\Admin\Application Data\Symantec
2006-11-01 19:42 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
2006-11-01 19:28 -------- d-------- C:\Documents and Settings\Admin\Application Data\Ahead
2006-11-01 19:11 -------- d-------- C:\Program Files\Fichiers communs\Ahead
2006-11-01 19:06 -------- d-------- C:\Program Files\Windows Media Player
2006-11-01 16:04 -------- d-------- C:\Program Files\Hijackthis Version Fran‡aise
2006-11-01 15:41 -------- d-------- C:\Documents and Settings\Admin\Application Data\vlc
2006-11-01 15:40 -------- d-------- C:\Program Files\VideoLAN
2006-11-01 15:22 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-11-01 14:33 -------- d-------- C:\Program Files\FpTest
2006-11-01 14:23 -------- d-------- C:\Program Files\freeBrowser
2006-10-30 22:18 -------- d-------- C:\Program Files\Symantec
2006-10-30 22:17 -------- d-------- C:\Program Files\Driver Validation
2006-10-29 18:44 -------- d-------- C:\Documents and Settings\Admin\Application Data\Sun
2006-10-29 18:42 -------- d-------- C:\Program Files\Java
2006-10-29 18:37 -------- d-------- C:\Program Files\Fichiers communs\Java
2006-10-29 10:34 -------- d-------- C:\Program Files\Fichiers communs\Softwin
2006-10-28 09:49 -------- d-------- C:\Program Files\Google
2006-10-28 01:40 -------- d-------- C:\Documents and Settings\Admin\Application Data\Lavasoft
2006-10-28 01:39 -------- d-------- C:\Program Files\Lavasoft
2006-10-28 00:56 -------- d-------- C:\Documents and Settings\Admin\Application Data\Google
2006-10-28 00:53 -------- d-------- C:\Program Files\CCleaner
2006-10-27 23:10 -------- d-------- C:\Documents and Settings\Admin\Application Data\Talkback
2006-10-27 23:09 -------- d-------- C:\Documents and Settings\Admin\Application Data\Mozilla
2006-10-27 09:21 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-26 19:24 71808 --a------ C:\WINDOWS\system32\drivers\bdfndisf.sys
2006-10-26 19:21 -------- d-------- C:\Documents and Settings\Admin\Application Data\Bitdefender
2006-10-26 19:17 -------- d-------- C:\Program Files\Softwin
2006-10-09 12:23 -------- d-------- C:\Documents and Settings\Admin\Application Data\Adobe
2006-10-07 11:49 73216 --a------ C:\WINDOWS\ST6UNST.EXE
2006-10-07 11:49 249856 --------- C:\WINDOWS\Setup1.exe
2006-10-03 06:51 -------- d-------- C:\Documents and Settings\Admin\Application Data\Opera
2006-10-01 15:45 -------- d-------- C:\Program Files\Adobe
2006-10-01 15:43 -------- d-------- C:\Program Files\Fichiers communs\Adobe
2006-10-01 15:41 -------- d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2006-10-01 11:45 7314334 --a------ C:\WINDOWS\system32\WinTemp20584.exe
2006-10-01 10:32 -------- d-------- C:\Program Files\PSCS2
2006-09-30 11:58 49152 --a------ C:\WINDOWS\system32\apache.dll
2006-09-26 20:34 -------- d-------- C:\Documents and Settings\Admin\Application Data\HP
2006-09-26 18:59 -------- d-------- C:\Program Files\HP
2006-09-26 18:57 -------- d-------- C:\Program Files\Fichiers communs\Sonic Shared
2006-09-26 18:56 -------- d-------- C:\Program Files\Fichiers communs\HP
2006-09-26 18:53 -------- d-------- C:\Program Files\Hewlett-Packard
2006-09-26 18:52 -------- d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2006-09-23 22:11 -------- d-------- C:\Documents and Settings\Admin\Application Data\Help
2006-09-23 17:18 -------- d-------- C:\Documents and Settings\Admin\Application Data\U3
2006-09-13 06:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-31 23:22 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-08-25 16:51 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 13:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 12:59 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-03 13:24 901 --a------ C:\Program Files\INSTALL.LOG
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NMBgMonitor.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"BDMCon"="\"C:\\Program Files\\Softwin\\BitDefender10\\bdmcon.exe\" /reg"
"BDAgent"="\"C:\\Program Files\\Softwin\\BitDefender10\\bdagent.exe\""
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"Norton Ghost 10.0"="\"C:\\Program Files\\Norton Ghost\\Agent\\GhostTray.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"Config"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\
5c,72,75,6e,2e,63,6d,64,00
"nlsf"=hex(2):63,6d,64,2e,65,78,65,20,2f,43,20,6d,6f,76,65,20,2f,59,20,22,25,\
53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,73,79,73,73,\
65,74,75,62,2e,64,6c,6c,22,20,22,25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,\
79,73,74,65,6d,33,32,5c,73,79,73,73,65,74,75,70,2e,64,6c,6c,22,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"Config"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\
5c,72,75,6e,2e,63,6d,64,00
"nlsf"=hex(2):63,6d,64,2e,65,78,65,20,2f,43,20,6d,6f,76,65,20,2f,59,20,22,25,\
53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,73,79,73,73,\
65,74,75,62,2e,64,6c,6c,22,20,22,25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,\
79,73,74,65,6d,33,32,5c,73,79,73,73,65,74,75,70,2e,64,6c,6c,22,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoRecentDocsMenu"=dword:00000001
"NoCDBurning"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoSMHelp"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoWelcomeScreen"=dword:00000001
"NoAutoUpdate"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"Generic Host Process"="C:\\WINDOWS\\system32\\scvhost.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoRecentDocsMenu"=dword:00000001
"NoCDBurning"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoSMHelp"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoWelcomeScreen"=dword:00000001
"NoAutoUpdate"=dword:00000001
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoRecentDocsMenu"=dword:00000001
"NoCDBurning"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoSMHelp"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoWelcomeScreen"=dword:00000001
"NoAutoUpdate"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\WebReg Photosmart C5100 series.job
Completion time: 06-11-03 13:23:16.96
C:\ComboFix.txt ... 06-11-03 13:23
Bon merci j'attends de tes nouvelles
Voila les copies des rapports:
SmitFraudFix v2.114
Rapport fait à 13:18:16,70, 03/11/2006
Executé à partir de F:\Telechargement\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Admin\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Admin\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll"
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Admin - 06-11-03 13:21:24,51 Service Pack 2
ComboFix 06.10.19 - Running from: "F:\Telechargement"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe
((((((((((((((((((((((((((((((( Files Created from 2006-10-03 to 2006-11-03 ))))))))))))))))))))))))))))))))))
2006-11-01 19:42 4,608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2006-10-28 01:15 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-28 01:15 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-28 01:15 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-28 01:15 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-27 09:21 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2006-10-27 09:21 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2006-10-27 09:21 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2006-10-25 12:32 164 --a------ C:\WINDOWS\system32\del32.bat
2006-10-25 12:31 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2006-10-13 21:03 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2006-10-08 21:49 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-03 13:23 -------- d-------- C:\Program Files\Fichiers communs
2006-11-03 13:10 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-01 19:47 -------- d-------- C:\Program Files\Norton Ghost
2006-11-01 19:46 -------- d-------- C:\Documents and Settings\Admin\Application Data\Symantec
2006-11-01 19:42 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
2006-11-01 19:28 -------- d-------- C:\Documents and Settings\Admin\Application Data\Ahead
2006-11-01 19:11 -------- d-------- C:\Program Files\Fichiers communs\Ahead
2006-11-01 19:06 -------- d-------- C:\Program Files\Windows Media Player
2006-11-01 16:04 -------- d-------- C:\Program Files\Hijackthis Version Fran‡aise
2006-11-01 15:41 -------- d-------- C:\Documents and Settings\Admin\Application Data\vlc
2006-11-01 15:40 -------- d-------- C:\Program Files\VideoLAN
2006-11-01 15:22 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-11-01 14:33 -------- d-------- C:\Program Files\FpTest
2006-11-01 14:23 -------- d-------- C:\Program Files\freeBrowser
2006-10-30 22:18 -------- d-------- C:\Program Files\Symantec
2006-10-30 22:17 -------- d-------- C:\Program Files\Driver Validation
2006-10-29 18:44 -------- d-------- C:\Documents and Settings\Admin\Application Data\Sun
2006-10-29 18:42 -------- d-------- C:\Program Files\Java
2006-10-29 18:37 -------- d-------- C:\Program Files\Fichiers communs\Java
2006-10-29 10:34 -------- d-------- C:\Program Files\Fichiers communs\Softwin
2006-10-28 09:49 -------- d-------- C:\Program Files\Google
2006-10-28 01:40 -------- d-------- C:\Documents and Settings\Admin\Application Data\Lavasoft
2006-10-28 01:39 -------- d-------- C:\Program Files\Lavasoft
2006-10-28 00:56 -------- d-------- C:\Documents and Settings\Admin\Application Data\Google
2006-10-28 00:53 -------- d-------- C:\Program Files\CCleaner
2006-10-27 23:10 -------- d-------- C:\Documents and Settings\Admin\Application Data\Talkback
2006-10-27 23:09 -------- d-------- C:\Documents and Settings\Admin\Application Data\Mozilla
2006-10-27 09:21 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-26 19:24 71808 --a------ C:\WINDOWS\system32\drivers\bdfndisf.sys
2006-10-26 19:21 -------- d-------- C:\Documents and Settings\Admin\Application Data\Bitdefender
2006-10-26 19:17 -------- d-------- C:\Program Files\Softwin
2006-10-09 12:23 -------- d-------- C:\Documents and Settings\Admin\Application Data\Adobe
2006-10-07 11:49 73216 --a------ C:\WINDOWS\ST6UNST.EXE
2006-10-07 11:49 249856 --------- C:\WINDOWS\Setup1.exe
2006-10-03 06:51 -------- d-------- C:\Documents and Settings\Admin\Application Data\Opera
2006-10-01 15:45 -------- d-------- C:\Program Files\Adobe
2006-10-01 15:43 -------- d-------- C:\Program Files\Fichiers communs\Adobe
2006-10-01 15:41 -------- d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2006-10-01 11:45 7314334 --a------ C:\WINDOWS\system32\WinTemp20584.exe
2006-10-01 10:32 -------- d-------- C:\Program Files\PSCS2
2006-09-30 11:58 49152 --a------ C:\WINDOWS\system32\apache.dll
2006-09-26 20:34 -------- d-------- C:\Documents and Settings\Admin\Application Data\HP
2006-09-26 18:59 -------- d-------- C:\Program Files\HP
2006-09-26 18:57 -------- d-------- C:\Program Files\Fichiers communs\Sonic Shared
2006-09-26 18:56 -------- d-------- C:\Program Files\Fichiers communs\HP
2006-09-26 18:53 -------- d-------- C:\Program Files\Hewlett-Packard
2006-09-26 18:52 -------- d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2006-09-23 22:11 -------- d-------- C:\Documents and Settings\Admin\Application Data\Help
2006-09-23 17:18 -------- d-------- C:\Documents and Settings\Admin\Application Data\U3
2006-09-13 06:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-31 23:22 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-08-25 16:51 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 13:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 12:59 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-03 13:24 901 --a------ C:\Program Files\INSTALL.LOG
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NMBgMonitor.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"BDMCon"="\"C:\\Program Files\\Softwin\\BitDefender10\\bdmcon.exe\" /reg"
"BDAgent"="\"C:\\Program Files\\Softwin\\BitDefender10\\bdagent.exe\""
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"NeroFilterCheck"="C:\\Program Files\\Fichiers communs\\Ahead\\Lib\\NeroCheck.exe"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"Norton Ghost 10.0"="\"C:\\Program Files\\Norton Ghost\\Agent\\GhostTray.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"Config"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\
5c,72,75,6e,2e,63,6d,64,00
"nlsf"=hex(2):63,6d,64,2e,65,78,65,20,2f,43,20,6d,6f,76,65,20,2f,59,20,22,25,\
53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,73,79,73,73,\
65,74,75,62,2e,64,6c,6c,22,20,22,25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,\
79,73,74,65,6d,33,32,5c,73,79,73,73,65,74,75,70,2e,64,6c,6c,22,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"Config"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,\
5c,72,75,6e,2e,63,6d,64,00
"nlsf"=hex(2):63,6d,64,2e,65,78,65,20,2f,43,20,6d,6f,76,65,20,2f,59,20,22,25,\
53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,32,5c,73,79,73,73,\
65,74,75,62,2e,64,6c,6c,22,20,22,25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,\
79,73,74,65,6d,33,32,5c,73,79,73,73,65,74,75,70,2e,64,6c,6c,22,00
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoRecentDocsMenu"=dword:00000001
"NoCDBurning"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoSMHelp"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoWelcomeScreen"=dword:00000001
"NoAutoUpdate"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"Generic Host Process"="C:\\WINDOWS\\system32\\scvhost.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoRecentDocsMenu"=dword:00000001
"NoCDBurning"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoSMHelp"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoWelcomeScreen"=dword:00000001
"NoAutoUpdate"=dword:00000001
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoRecentDocsMenu"=dword:00000001
"NoCDBurning"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoStartBanner"=hex:01,00,00,00
"NoSMHelp"=dword:00000001
"MemCheckBoxInRunDlg"=dword:00000001
"NoSMBalloonTip"=dword:00000001
"NoDesktopCleanupWizard"=dword:00000001
"NoWelcomeScreen"=dword:00000001
"NoAutoUpdate"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\WebReg Photosmart C5100 series.job
Completion time: 06-11-03 13:23:16.96
C:\ComboFix.txt ... 06-11-03 13:23
Bon merci j'attends de tes nouvelles
Utilisateur anonyme
3 nov. 2006 à 15:50
3 nov. 2006 à 15:50
Salut,
clic sur démarrer, rechercher et supprime ces fichiers:
scvhost.exe < attention à l'orthographe !
del32.bat
**Si un fichier persiste lors de la suppression fait ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement
Rends toi sur se site, en haut à droite clique sur "choose" tu vas dans C:, windows, system32 tu cherche le processus ci-dessous et tu cliques sur "ouvrir" dès que c'est fait tu cliques sur "send" tu attends un peu et colle le rapport ici une fois qu'il a terminé stp
http://www.virustotal.com/en/virustotalx.html
WinTemp20584.exe
clic sur démarrer, rechercher et supprime ces fichiers:
scvhost.exe < attention à l'orthographe !
del32.bat
**Si un fichier persiste lors de la suppression fait ceci:
-Redemarres ton pc, dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement
Rends toi sur se site, en haut à droite clique sur "choose" tu vas dans C:, windows, system32 tu cherche le processus ci-dessous et tu cliques sur "ouvrir" dès que c'est fait tu cliques sur "send" tu attends un peu et colle le rapport ici une fois qu'il a terminé stp
http://www.virustotal.com/en/virustotalx.html
WinTemp20584.exe
Voila par contre je n'ai pas trouvé scvhost.exe et est effacé del32.bat
le rapport
AntiVir 7.2.0.37 11.03.2006 no virus found
Authentium 4.93.8 11.03.2006 no virus found
Avast 4.7.892.0 11.03.2006 no virus found
AVG 386 11.03.2006 no virus found
BitDefender 7.2 11.03.2006 no virus found
CAT-QuickHeal 8.00 11.03.2006 no virus found
ClamAV devel-20060426 11.03.2006 no virus found
DrWeb 4.33 11.03.2006 no virus found
eTrust-InoculateIT 23.73.44 11.03.2006 no virus found
eTrust-Vet 30.3.3176 11.03.2006 no virus found
Ewido 4.0 11.03.2006 no virus found
Fortinet 2.82.0.0 11.03.2006 no virus found
F-Prot 3.16f 11.03.2006 no virus found
F-Prot4 4.2.1.29 11.03.2006 no virus found
Ikarus 0.2.65.0 11.03.2006 no virus found
Kaspersky 4.0.2.24 11.03.2006 no virus found
McAfee 4888 11.03.2006 no virus found
Microsoft 1.1609 11.03.2006 no virus found
NOD32v2 1.1852 11.03.2006 no virus found
Norman 5.80.02 11.03.2006 no virus found
Panda 9.0.0.4 11.03.2006 no virus found
Sophos 4.10.0 10.26.2006 no virus found
TheHacker 6.0.1.111 11.02.2006 no virus found
UNA 1.83 11.02.2006 no virus found
VBA32 3.11.1 11.03.2006 no virus found
VirusBuster 4.3.15:9 11.03.2006 no virus found
le rapport
AntiVir 7.2.0.37 11.03.2006 no virus found
Authentium 4.93.8 11.03.2006 no virus found
Avast 4.7.892.0 11.03.2006 no virus found
AVG 386 11.03.2006 no virus found
BitDefender 7.2 11.03.2006 no virus found
CAT-QuickHeal 8.00 11.03.2006 no virus found
ClamAV devel-20060426 11.03.2006 no virus found
DrWeb 4.33 11.03.2006 no virus found
eTrust-InoculateIT 23.73.44 11.03.2006 no virus found
eTrust-Vet 30.3.3176 11.03.2006 no virus found
Ewido 4.0 11.03.2006 no virus found
Fortinet 2.82.0.0 11.03.2006 no virus found
F-Prot 3.16f 11.03.2006 no virus found
F-Prot4 4.2.1.29 11.03.2006 no virus found
Ikarus 0.2.65.0 11.03.2006 no virus found
Kaspersky 4.0.2.24 11.03.2006 no virus found
McAfee 4888 11.03.2006 no virus found
Microsoft 1.1609 11.03.2006 no virus found
NOD32v2 1.1852 11.03.2006 no virus found
Norman 5.80.02 11.03.2006 no virus found
Panda 9.0.0.4 11.03.2006 no virus found
Sophos 4.10.0 10.26.2006 no virus found
TheHacker 6.0.1.111 11.02.2006 no virus found
UNA 1.83 11.02.2006 no virus found
VBA32 3.11.1 11.03.2006 no virus found
VirusBuster 4.3.15:9 11.03.2006 no virus found
Utilisateur anonyme
3 nov. 2006 à 20:27
3 nov. 2006 à 20:27
ok, merci je pense que l'on arrive vers la fin
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Scannes ton Pc avec ces logiciels si tu ne les as pas
Spybot
A² squared: (gratuit)
A-squared
Ad-Aware SE Personal: (en Anglais, gratuit)
Ad-aware
Dès que tu as fait tout ça dit moi ou en ets ton problème ;-)
Fait ce nettoyage: (à faire réguliérement)
¤Telecharges et installes ceci:
CCleaner:
Ccleaner
dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes
¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
Scannes ton Pc avec ces logiciels si tu ne les as pas
Spybot
A² squared: (gratuit)
A-squared
Ad-Aware SE Personal: (en Anglais, gratuit)
Ad-aware
Dès que tu as fait tout ça dit moi ou en ets ton problème ;-)
