Virus : PC ralenti et log Hijackthis fournie
Fermé
sam_dz
Messages postés
30
Date d'inscription
vendredi 16 juin 2006
Statut
Membre
Dernière intervention
1 juillet 2007
-
31 oct. 2006 à 22:32
Utilisateur anonyme - 1 nov. 2006 à 19:41
Utilisateur anonyme - 1 nov. 2006 à 19:41
A voir également:
- Virus : PC ralenti et log Hijackthis fournie
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Virus mcafee - Accueil - Piratage
- Tinyurl.com virus - Forum Virus
3 réponses
Utilisateur anonyme
31 oct. 2006 à 23:03
31 oct. 2006 à 23:03
Salut,
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
https://www.bitdefender.com/toolbox/
Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
https://www.bitdefender.com/toolbox/
sam_dz
Messages postés
30
Date d'inscription
vendredi 16 juin 2006
Statut
Membre
Dernière intervention
1 juillet 2007
4
1 nov. 2006 à 11:46
1 nov. 2006 à 11:46
Merci de tes conseils. J'ai effectué le test, le PC a tourné toute la nuit, et plantage au petitmatin, avec pour info, 4 virus, mais sans rapport de log disponible.
J'ai fait un nouveau Hijackthis , merci de ton aide.
Logfile of HijackThis v1.99.1
Scan saved at 11:51:19, on 01/11/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\cisvc.exe
C:\WINNT\system32\drivers\dcfssvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
F:\Program Files\kodak\KODAK EASYSHARE Software\bin\ptssvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\WF2K.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINNT\system32\cidaemon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (disabled by BHODemon)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [WinFoxV2] C:\WINNT\system32\WF2K.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINNT\web\OpenFrame.htm
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: ppctlcab -
O16 - DPF: teleir_cert -
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6c3Ryb25nIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL39m6miE0QILwMqIhbsY%2FvJiu7UJl7WZvF8VPb4eL8oAm9qEP956e87s3nS5atzOZfG0luGDlL2WYU7WZoZ1zDdAoKqXYtUXIlC0tM1yGpY2UaCJ5WBNOqn36UivxuG43utrzVfPG9e3o6WF72JgrvdGZk3o%2F4hfZoSCJSQ2O8nwTAtMVQUG6mqFnghMei6IoJ5NEkFJyLkWCxSUbE9%2FASTxmwksBWpkacMy4GSKY4CEmQ5zcxQnFExqPtyi4lxaO6CTEKHjXlYEZaq2hNQMF1DAtgTpO88XNNfUa2tja1byu0HwQ%2BDM1ENNjkP16TX3hbwcGIG23LzTvZNB4T0FZaSloKvSHmkY%2Fpn1Kv20pjrtf1sbJdxcsa90wq6Dj18oo3eoeq0cj9FS%2FrHx0JstvUPIv0F9lnPLO2ZezfNHBn4%2FtR4nOzjIfTKPTfzX%2FBA%3D%3D&RelayState=9f1e961a74788f8724702c25888484a5aaa08d23&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=UmUIBDdfgGMmYk5vOcvDMzYXNbUmI4iQC9VVrxXqIn8NfMXxIWiZjYxNvbS5jCooE6N2xerYJ0iucHrFbCgeTfsJ19%2FnYwfl65lpvlU%2FfLyKhUnsDgMpxGeJ7%2BbdMmQ0Du7hpS4m0b4PyW3AY6%2FYtj%2FF4bVWYHS0EHz4bKspk1fF7MU7cdzUjkA2Wdgcx6SMtHG0nlf6O6ql69lkG88CNVqmjCtAhq56ZZPDTOqIv0%2B9oMvUvHVgkUEIU8MKTAfzrgntZFBgdSh2fPpTRrWjJWWudj
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINNT\system32\drivers\dcfssvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINNT\system32\HPHipm11.exe
O23 - Service: ptssvc - KODAK - F:\Program Files\kodak\KODAK EASYSHARE Software\bin\ptssvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
J'ai fait un nouveau Hijackthis , merci de ton aide.
Logfile of HijackThis v1.99.1
Scan saved at 11:51:19, on 01/11/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\cisvc.exe
C:\WINNT\system32\drivers\dcfssvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
F:\Program Files\kodak\KODAK EASYSHARE Software\bin\ptssvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\WF2K.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\WINNT\system32\cidaemon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (disabled by BHODemon)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [WinFoxV2] C:\WINNT\system32\WF2K.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINNT\web\OpenFrame.htm
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: ppctlcab -
O16 - DPF: teleir_cert -
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6c3Ryb25nIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL39m6miE0QILwMqIhbsY%2FvJiu7UJl7WZvF8VPb4eL8oAm9qEP956e87s3nS5atzOZfG0luGDlL2WYU7WZoZ1zDdAoKqXYtUXIlC0tM1yGpY2UaCJ5WBNOqn36UivxuG43utrzVfPG9e3o6WF72JgrvdGZk3o%2F4hfZoSCJSQ2O8nwTAtMVQUG6mqFnghMei6IoJ5NEkFJyLkWCxSUbE9%2FASTxmwksBWpkacMy4GSKY4CEmQ5zcxQnFExqPtyi4lxaO6CTEKHjXlYEZaq2hNQMF1DAtgTpO88XNNfUa2tja1byu0HwQ%2BDM1ENNjkP16TX3hbwcGIG23LzTvZNB4T0FZaSloKvSHmkY%2Fpn1Kv20pjrtf1sbJdxcsa90wq6Dj18oo3eoeq0cj9FS%2FrHx0JstvUPIv0F9lnPLO2ZezfNHBn4%2FtR4nOzjIfTKPTfzX%2FBA%3D%3D&RelayState=9f1e961a74788f8724702c25888484a5aaa08d23&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=UmUIBDdfgGMmYk5vOcvDMzYXNbUmI4iQC9VVrxXqIn8NfMXxIWiZjYxNvbS5jCooE6N2xerYJ0iucHrFbCgeTfsJ19%2FnYwfl65lpvlU%2FfLyKhUnsDgMpxGeJ7%2BbdMmQ0Du7hpS4m0b4PyW3AY6%2FYtj%2FF4bVWYHS0EHz4bKspk1fF7MU7cdzUjkA2Wdgcx6SMtHG0nlf6O6ql69lkG88CNVqmjCtAhq56ZZPDTOqIv0%2B9oMvUvHVgkUEIU8MKTAfzrgntZFBgdSh2fPpTRrWjJWWudj
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINNT\system32\drivers\dcfssvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINNT\system32\HPHipm11.exe
O23 - Service: ptssvc - KODAK - F:\Program Files\kodak\KODAK EASYSHARE Software\bin\ptssvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Utilisateur anonyme
1 nov. 2006 à 19:41
1 nov. 2006 à 19:41
Salut,
pourquoi as tu installé Bitdefender ? désinstalle le
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (disabled by BHODemon)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O4 - HKLM\..\Run: [WinFoxV2] C:\WINNT\system32\WF2K.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O16 - DPF: ppctlcab -
O16 - DPF: teleir_cert -
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6c3Ryb25nIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL39m6miE0QILwMqIhbsY%2FvJiu7UJl7WZvF8VPb4eL8oAm9qEP956e87s3nS5atzOZfG0luGDlL2WYU7WZoZ1zDdAoKqXYtUXIlC0tM1yGpY2UaCJ5WBNOqn36UivxuG43utrzVfPG9e3o6WF72JgrvdGZk3o%2F4hfZoSCJSQ2O8nwTAtMVQUG6mqFnghMei6IoJ5NEkFJyLkWCxSUbE9%2FASTxmwksBWpkacMy4GSKY4CEmQ5zcxQnFExqPtyi4lxaO6CTEKHjXlYEZaq2hNQMF1DAtgTpO88XNNfUa2tja1byu0HwQ%2BDM1ENNjkP16TX3hbwcGIG23LzTvZNB4T0FZaSloKvSHmkY%2Fpn1Kv20pjrtf1sbJdxcsa90wq6Dj18oo3eoeq0cj9FS%2FrHx0JstvUPIv0F9lnPLO2ZezfNHBn4%2FtR4nOzjIfTKPTfzX%2FBA%3D%3D&RelayState=9f1e961a74788f8724702c25888484a5aaa08d23&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=UmUIBDdfgGMmYk5vOcvDMzYXNbUmI4iQC9VVrxXqIn8NfMXxIWiZjYxNvbS5jCooE6N2xerYJ0iucHrFbCgeTfsJ19%2FnYwfl65lpvlU%2FfLyKhUnsDgMpxGeJ7%2BbdMmQ0Du7hpS4m0b4PyW3AY6%2FYtj%2FF4bVWYHS0EHz4bKspk1fF7MU7cdzUjkA2Wdgcx6SMtHG0nlf6O6ql69lkG88CNVqmjCtAhq56ZZPDTOqIv0%2B9oMvUvHVgkUEIU8MKTAfzrgntZFBgdSh2fPpTRrWjJWWudj
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
télécharge et scanne ton PC avec ces deux logiciels et mets les rapports ici stp
A² squared: (gratuit)
A-squared
et
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici
Ewido: (reste gratuit après la période d'essai)
Ewido
pourquoi as tu installé Bitdefender ? désinstalle le
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (disabled by BHODemon)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O4 - HKLM\..\Run: [WinFoxV2] C:\WINNT\system32\WF2K.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O16 - DPF: ppctlcab -
O16 - DPF: teleir_cert -
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://fedhub.airfrance.fr/idp/eyJ2c2lkIjoidXJuOmlkcDpwcmQ6YWZyOnBmOmRtemk6c3Ryb25nIn0/SSO.saml2?SAMLRequest=lZJfT8IwFMXf%2BRRL39m6miE0QILwMqIhbsY%2FvJiu7UJl7WZvF8VPb4eL8oAm9qEP956e87s3nS5atzOZfG0luGDlL2WYU7WZoZ1zDdAoKqXYtUXIlC0tM1yGpY2UaCJ5WBNOqn36UivxuG43utrzVfPG9e3o6WF72JgrvdGZk3o%2F4hfZoSCJSQ2O8nwTAtMVQUG6mqFnghMei6IoJ5NEkFJyLkWCxSUbE9%2FASTxmwksBWpkacMy4GSKY4CEmQ5zcxQnFExqPtyi4lxaO6CTEKHjXlYEZaq2hNQMF1DAtgTpO88XNNfUa2tja1byu0HwQ%2BDM1ENNjkP16TX3hbwcGIG23LzTvZNB4T0FZaSloKvSHmkY%2Fpn1Kv20pjrtf1sbJdxcsa90wq6Dj18oo3eoeq0cj9FS%2FrHx0JstvUPIv0F9lnPLO2ZezfNHBn4%2FtR4nOzjIfTKPTfzX%2FBA%3D%3D&RelayState=9f1e961a74788f8724702c25888484a5aaa08d23&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=UmUIBDdfgGMmYk5vOcvDMzYXNbUmI4iQC9VVrxXqIn8NfMXxIWiZjYxNvbS5jCooE6N2xerYJ0iucHrFbCgeTfsJ19%2FnYwfl65lpvlU%2FfLyKhUnsDgMpxGeJ7%2BbdMmQ0Du7hpS4m0b4PyW3AY6%2FYtj%2FF4bVWYHS0EHz4bKspk1fF7MU7cdzUjkA2Wdgcx6SMtHG0nlf6O6ql69lkG88CNVqmjCtAhq56ZZPDTOqIv0%2B9oMvUvHVgkUEIU8MKTAfzrgntZFBgdSh2fPpTRrWjJWWudj
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
télécharge et scanne ton PC avec ces deux logiciels et mets les rapports ici stp
A² squared: (gratuit)
A-squared
et
Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système, supprime (delete) tout ce qu'il te trouve puis colle le rapport ici
Ewido: (reste gratuit après la période d'essai)
Ewido
