Problem with SDFix, please help me
Closed
zoubibi (Member) - 24 Jan 2007 at 00:19
philae83 (Security contributor) - 16 Sep 2007 at 17:48
7 replies
philae83 (Security contributor) - 24 Jan 2007 at 00:41
Good evening,
It would be better to wait until you are told to use it.
Let's start from the beginning.
* Download HijackThis and post the report, please
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Picture demo
http://pageperso.aol.fr/balltrap34/demohijack.htm
Logfile of HijackThis v1.99.1
Scan saved at 01:20:07, on 24/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/files/installers/cab/SystemDoctor2006FreeInstall_fr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://taquina0.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/bejeweled2/Oberongamesloader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
There, I hope I did that right!!!!
philae83 (Security contributor) - 24 Jan 2007 at 15:17
Hello,
yes, that's right. Now:
* Download Blacklight
https://europe.f-secure.com/exclude/blacklight/index.shtml
(from F-Secure)
(the first one on the page)
Click "I ACCEPT" at the bottom of the page. Save it to your Desktop.
Double-click blbeta.exe and accept the licence;
click Scan, then Next.
You will see a list of detected files appear. You will also see a report
on your Desktop named fsbl.xxxxxxx.log (the xxxxxxx are digits).
Copy and paste the contents of this report into your next reply.
Do NOT choose the "Rename" option yet: we need to analyse the report,
because legitimate files may be listed, such as wbemtest.exe
zoubibi (Member) - 24 Jan 2007 at 16:36
01/24/07 16:27:03 [Info]: BlackLight Engine 1.0.55 initialized
01/24/07 16:27:03 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/24/07 16:27:03 [Note]: 7019 4
01/24/07 16:27:03 [Note]: 7005 0
01/24/07 16:27:06 [Note]: 7006 0
01/24/07 16:27:06 [Note]: 7011 1744
01/24/07 16:27:07 [Note]: 7026 0
01/24/07 16:27:07 [Note]: 7026 0
01/24/07 16:27:10 [Note]: FSRAW library version 1.7.1021
01/24/07 16:32:44 [Note]: 2000 1012
01/24/07 16:33:01 [Note]: 7007 0
There you go, thanks for your help...
philae83 (Security contributor) - 24 Jan 2007 at 21:55
Good evening,
* Download SDFix to your Desktop
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
* Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop.
* Restart your computer in Safe Mode
* Open the SDFix folder that was just created on the Desktop and double-click RunThis.bat to launch the script.
* Press Y to start the cleaning process.
It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
* Press a key to restart the PC.
Your system will take longer than usual to restart because the tool will keep running and deleting files.
Once the Desktop has loaded, the tool will finish its work and display Finished.
* Press a key to end the script and load your Desktop icons.
Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
Finally, copy/paste the contents of Report.txt into your next reply on the forum,
along with a new HijackThis log
zoubibi (Member) - 24 Jan 2007 at 22:13
SDFix: Version 1.62
24/01/2007 - 22:02:01,03
Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\galante\Bureau\SDFix
Safe Mode:
Checking Services:
Name:
Path:
Restoring Windows Registry Entries
Restoring Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Files Found..
Alternate Streams Check:
C:\WINDOWS\system32
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Alice_Triway_WiFi\\Wizard\\CTD_FirmwareUpgrader.exe"="C:\\Program Files\\Alice_Triway_WiFi\\Wizard\\CTD_FirmwareUpgrader.exe:*:Enabled:CTD_FirmwareUpgrader"
"R:\\Fr_main\\tools\\CTD_FirmwareUpgrader.exe"="R:\\Fr_main\\tools\\CTD_FirmwareUpgrader.exe:*:Enabled:CTD_FirmwareUpgrader"
"C:\\Program Files\\Atlantzone\\atlantzone.exe"="C:\\Program Files\\Atlantzone\\atlantzone.exe:*:Enabled:Abyss Web Server X1"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Free Multimedia Center\\Free Multimedia Center.exe"="C:\\Program Files\\Free Multimedia Center\\Free Multimedia Center.exe:*:Enabled:Multimédia Center pour Freebox"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\DOCUME~1\galante\Bureau\SDFix\backups\backups.zip
Checking For Files with Hidden Attributes :
C:\NTDETECT.COM
C:\Program Files\Autodesk\Autodesk Express Viewer\Setup.exe
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
Finished
Logfile of HijackThis v1.99.1
Scan saved at 22:07:48, on 24/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
There you go....
24/01/2007 - 22:02:01,03
Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\galante\Bureau\SDFix
Safe Mode:
Checking Services:
Name:
Path:
Restoring Windows Registry Entries
Restoring Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
No Files Found..
Alternate Streams Check:
C:\WINDOWS\system32
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Alice_Triway_WiFi\\Wizard\\CTD_FirmwareUpgrader.exe"="C:\\Program Files\\Alice_Triway_WiFi\\Wizard\\CTD_FirmwareUpgrader.exe:*:Enabled:CTD_FirmwareUpgrader"
"R:\\Fr_main\\tools\\CTD_FirmwareUpgrader.exe"="R:\\Fr_main\\tools\\CTD_FirmwareUpgrader.exe:*:Enabled:CTD_FirmwareUpgrader"
"C:\\Program Files\\Atlantzone\\atlantzone.exe"="C:\\Program Files\\Atlantzone\\atlantzone.exe:*:Enabled:Abyss Web Server X1"
"C:\\WINDOWS\\system32\\svchost.exe"="C:\\WINDOWS\\system32\\svchost.exe:*:Enabled:Microsoft Update"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Free Multimedia Center\\Free Multimedia Center.exe"="C:\\Program Files\\Free Multimedia Center\\Free Multimedia Center.exe:*:Enabled:Multimédia Center pour Freebox"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
Remaining Files:
---------------
Backups Folder: - C:\DOCUME~1\galante\Bureau\SDFix\backups\backups.zip
Checking For Files with Hidden Attributes :
C:\NTDETECT.COM
C:\Program Files\Autodesk\Autodesk Express Viewer\Setup.exe
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
Finished
Logfile of HijackThis v1.99.1
Scan saved at 22:07:48, on 24/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Update Service] "C:\Program Files\Fichiers communs\Teknum Systems\update.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
There you go....
philae83 - Posts: 12837 - Registered: Wednesday 3 January 2007 - Status: Security contributor - Last activity: 8 December 2009 - 24 Jan. 2007 at 22:40
Hi again,
It's already cleaner.
* Download CCleaner.
https://www.pcastuces.com/logitheque/ccleaner.htm
Install it in a dedicated folder.
During installation, uncheck
--- the two "Add the option ..." boxes
--- Check for updates
--- Add the CCleaner Yahoo! Toolbar
* Run CCleaner for a full cleanup.
------
* Download AVG Anti-Spyware (ewido)
https://www.avg.com/en-ww/free-antivirus-download
* Install it
* Launch AVG Anti-Spyware and click the Update button. Wait,
then
Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then, on the "How to react" tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
At the end of the scan, choose option 3,
"Apply all actions", at the bottom.
Click "Save report".
This generates a report as a text file, located in the Reports folder inside the AVG Anti-Spyware folder.
Post it.
Hi, I also downloaded SDFix and followed the instructions, and I don't know what to do next. If someone could help me, that would be kind, thanks. Here is the report:
SDFix: Version 1.104
Run by Jenny on 16/09/2007 at 16:52
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Name:
ntndis
ImagePath:
\??\C:\WINDOWS\system32\drivers\ntndis.sys
ntndis - Deleted
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Service xpdx - Deleted after Reboot
Normal Mode:
Checking Files:
Trojan Files Found:
C:\Documents and Settings\Jenny\auto.txt - Deleted
C:\WINDOWS\svchost.DLL - Deleted
C:\WINDOWS\system32\syspoint.dll - Deleted
C:\WINDOWS\system32\syspoints.dll - Deleted
C:\WINDOWS\system32\xpdx.sys - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\\Documents and Settings\\Jenny\\szmpuh.exe"="C:\\Documents and Settings\\Jenny\\szmpuh.exe:*:Enabled:Control"
"C:\\WINDOWS\\system32\\msnmsgr.exe"="C:\\WINDOWS\\system32\\msnmsgr.exe:*:Enabled:Windows Update"
"C:\\Documents and Settings\\Jenny\\eznewf.exe"="C:\\Documents and Settings\\Jenny\\eznewf.exe:*:Enabled:Control"
"C:\\Documents and Settings\\Jenny\\mwcmnz.exe"="C:\\Documents and Settings\\Jenny\\mwcmnz.exe:*:Enabled:Control"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
---------------
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes:
C:\Documents and Settings\Jenny\Local Settings\Application Data\Microsoft\Messenger\jennydu33640@hotmail.fr\Sharing Folders\oncebobleponge@hotmail.com\Thumbs.db
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Picasa2\setup.exe
C:\WINDOWS\BricoPacks\SysFiles\79_iexplore.exe
C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
C:\WINDOWS\SoftwareDistribution\Download\5bfc2df566e0403671b1abf7e607c521\BIT39.tmp
Finished!
philae83
16 Sept. 2007 at 17:48
Hello,
missjenny
you need to create your own thread in order to receive help, please. Thanks