Virus multiples
Fermé
ModJo_62
-
18 févr. 2007 à 19:30
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 - 18 févr. 2007 à 21:22
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 - 18 févr. 2007 à 21:22
A voir également:
- Virus multiples
- Svchost.exe virus - Guide
- Faux message virus iphone - Forum iPhone
- Operagxsetup virus ✓ - Forum Virus
- Produkey virus ✓ - Forum Windows 10
- Youtu.be virus - Guide
6 réponses
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
18 févr. 2007 à 19:43
18 févr. 2007 à 19:43
Salut
fais un clic droit sur l'icone du logiciel hijackthis puis renommer et nomme le CCM.exe
ensuite poste un nouveau hijackthis stp
++
fais un clic droit sur l'icone du logiciel hijackthis puis renommer et nomme le CCM.exe
ensuite poste un nouveau hijackthis stp
++
OK c'est fait.
Voilà le nouveau log :
Logfile of HijackThis v1.99.1
Scan saved at 19:52:36, on 18/02/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\eim.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\instdrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\CCM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free-firefox.dl.am
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {98CC582F-5DAD-43DB-8ADA-5C9C3560554A} - C:\WINDOWS\System32\opnmkll.dll
O2 - BHO: (no name) - {B930E311-904B-467B-975A-29AAB2E9A65B} - C:\WINDOWS\System32\awvvw.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\System32\dlfoiaru.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels1118.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Win32] eim.exe
O4 - HKLM\..\RunServices: [Win32] eim.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Win32] eim.exe
O4 - Global Startup: Akimania.com.lnk = C:\Program Files\Akimania.com\Pochette express pro v5.0\Akimania.com.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{36FA681B-3082-4F32-8067-30F9E6507D06}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{610DCE3D-4DE2-40B7-936A-EA44585BDEF8}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{68533139-8343-4F56-8E22-4F1E7D876358}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFC59596-D800-4661-A8B8-92D5F2FB6E6E}: NameServer = 212.30.96.108
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: IVMxlCYHN - {38529C79-92F8-36D3-08E3-4D4265BF510E} - C:\WINDOWS\System32\zsdm.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\12.tmp".exe (file missing)
O23 - Service: Windows Instrument Driver (WMID) - Unknown owner - C:\WINDOWS\instdrv.exe
Voilà le nouveau log :
Logfile of HijackThis v1.99.1
Scan saved at 19:52:36, on 18/02/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\eim.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\instdrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\CCM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free-firefox.dl.am
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {98CC582F-5DAD-43DB-8ADA-5C9C3560554A} - C:\WINDOWS\System32\opnmkll.dll
O2 - BHO: (no name) - {B930E311-904B-467B-975A-29AAB2E9A65B} - C:\WINDOWS\System32\awvvw.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\System32\dlfoiaru.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels1118.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Win32] eim.exe
O4 - HKLM\..\RunServices: [Win32] eim.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Win32] eim.exe
O4 - Global Startup: Akimania.com.lnk = C:\Program Files\Akimania.com\Pochette express pro v5.0\Akimania.com.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{36FA681B-3082-4F32-8067-30F9E6507D06}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{610DCE3D-4DE2-40B7-936A-EA44585BDEF8}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{68533139-8343-4F56-8E22-4F1E7D876358}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFC59596-D800-4661-A8B8-92D5F2FB6E6E}: NameServer = 212.30.96.108
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: IVMxlCYHN - {38529C79-92F8-36D3-08E3-4D4265BF510E} - C:\WINDOWS\System32\zsdm.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\12.tmp".exe (file missing)
O23 - Service: Windows Instrument Driver (WMID) - Unknown owner - C:\WINDOWS\instdrv.exe
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
18 févr. 2007 à 20:05
18 févr. 2007 à 20:05
bien,
Téléchargez VundoFix.exe (par Atribune) sur ton Bureau :
http://www.atribune.org/ccount/click.php?id=4
*Double-clique VundoFix.exe afin de le lancer.
* Cochez Run VundoFix as a task.
* l'outil va se fermer et s'ouvrir à nouveau : cliquez Ok
* Cliquez sur le bouton Scan for Vundo.
* Lorsque le scan est complété, cliquez sur le bouton Remove Vundo.
* Une invite vous demandera supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
* le PC va s'éteindre ("shutdown") : clique OK
* Démarrez votre PC à nouveau
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.
++
Téléchargez VundoFix.exe (par Atribune) sur ton Bureau :
http://www.atribune.org/ccount/click.php?id=4
*Double-clique VundoFix.exe afin de le lancer.
* Cochez Run VundoFix as a task.
* l'outil va se fermer et s'ouvrir à nouveau : cliquez Ok
* Cliquez sur le bouton Scan for Vundo.
* Lorsque le scan est complété, cliquez sur le bouton Remove Vundo.
* Une invite vous demandera supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
* le PC va s'éteindre ("shutdown") : clique OK
* Démarrez votre PC à nouveau
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.
++
voila le rapport vundo:
VundoFix V6.3.6
Checking Java version...
Java version is 1.5.0.4
Scan started at 20:17:22 18/02/2007
Listing files found while scanning....
C:\WINDOWS\system32\cgiwwfrj.exe
C:\WINDOWS\system32\efcyxvs.dll
C:\WINDOWS\system32\irpbxato.dll
C:\WINDOWS\system32\jkkijkk.dll
C:\WINDOWS\system32\jmlgqice.dll
C:\WINDOWS\system32\lddunwfp.exe
C:\WINDOWS\system32\nhphhasf.exe
C:\WINDOWS\system32\opnmkll.dll
C:\WINDOWS\system32\rrtoslid.dll
C:\WINDOWS\System32\rxypsivh.dll
C:\WINDOWS\system32\seniotil.dll
C:\WINDOWS\system32\tuvwtsr.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\cgiwwfrj.exe
C:\WINDOWS\system32\cgiwwfrj.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\efcyxvs.dll
C:\WINDOWS\system32\efcyxvs.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\irpbxato.dll
C:\WINDOWS\system32\irpbxato.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkijkk.dll
C:\WINDOWS\system32\jkkijkk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jmlgqice.dll
C:\WINDOWS\system32\jmlgqice.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lddunwfp.exe
C:\WINDOWS\system32\lddunwfp.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\nhphhasf.exe
C:\WINDOWS\system32\nhphhasf.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\opnmkll.dll
C:\WINDOWS\system32\opnmkll.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\rrtoslid.dll
C:\WINDOWS\system32\rrtoslid.dll Has been deleted!
Attempting to delete C:\WINDOWS\S
Beginning removal...
Attempting to delete C:\WINDOWS\system32\opnmkll.dll
C:\WINDOWS\system32\opnmkll.dll Could not be deleted.
Performing Repairs to the registry.
Done!
Beginning removal...
Voila le rapport hjt:
Logfile of HijackThis v1.99.1
Scan saved at 20:47:07, on 18/02/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\instdrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\eim.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\VPro500.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrateur\Bureau\CCM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free-firefox.dl.am
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1416D84A-38F2-46BA-A31B-F7F528CBC5B1} - C:\WINDOWS\System32\awvvw.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {98CC582F-5DAD-43DB-8ADA-5C9C3560554A} - C:\WINDOWS\System32\opnmkll.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\System32\dlfoiaru.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels1118.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Win32] eim.exe
O4 - HKLM\..\RunServices: [Win32] eim.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Win32] eim.exe
O4 - Global Startup: Akimania.com.lnk = C:\Program Files\Akimania.com\Pochette express pro v5.0\Akimania.com.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{36FA681B-3082-4F32-8067-30F9E6507D06}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{610DCE3D-4DE2-40B7-936A-EA44585BDEF8}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{68533139-8343-4F56-8E22-4F1E7D876358}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFC59596-D800-4661-A8B8-92D5F2FB6E6E}: NameServer = 212.30.96.108
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: IVMxlCYHN - {38529C79-92F8-36D3-08E3-4D4265BF510E} - C:\WINDOWS\System32\zsdm.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\12.tmp".exe (file missing)
O23 - Service: Windows Instrument Driver (WMID) - Unknown owner - C:\WINDOWS\instdrv.exe
Merci
VundoFix V6.3.6
Checking Java version...
Java version is 1.5.0.4
Scan started at 20:17:22 18/02/2007
Listing files found while scanning....
C:\WINDOWS\system32\cgiwwfrj.exe
C:\WINDOWS\system32\efcyxvs.dll
C:\WINDOWS\system32\irpbxato.dll
C:\WINDOWS\system32\jkkijkk.dll
C:\WINDOWS\system32\jmlgqice.dll
C:\WINDOWS\system32\lddunwfp.exe
C:\WINDOWS\system32\nhphhasf.exe
C:\WINDOWS\system32\opnmkll.dll
C:\WINDOWS\system32\rrtoslid.dll
C:\WINDOWS\System32\rxypsivh.dll
C:\WINDOWS\system32\seniotil.dll
C:\WINDOWS\system32\tuvwtsr.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\cgiwwfrj.exe
C:\WINDOWS\system32\cgiwwfrj.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\efcyxvs.dll
C:\WINDOWS\system32\efcyxvs.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\irpbxato.dll
C:\WINDOWS\system32\irpbxato.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkijkk.dll
C:\WINDOWS\system32\jkkijkk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jmlgqice.dll
C:\WINDOWS\system32\jmlgqice.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lddunwfp.exe
C:\WINDOWS\system32\lddunwfp.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\nhphhasf.exe
C:\WINDOWS\system32\nhphhasf.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\opnmkll.dll
C:\WINDOWS\system32\opnmkll.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\rrtoslid.dll
C:\WINDOWS\system32\rrtoslid.dll Has been deleted!
Attempting to delete C:\WINDOWS\S
Beginning removal...
Attempting to delete C:\WINDOWS\system32\opnmkll.dll
C:\WINDOWS\system32\opnmkll.dll Could not be deleted.
Performing Repairs to the registry.
Done!
Beginning removal...
Voila le rapport hjt:
Logfile of HijackThis v1.99.1
Scan saved at 20:47:07, on 18/02/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\instdrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\eim.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\VPro500.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrateur\Bureau\CCM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free-firefox.dl.am
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1416D84A-38F2-46BA-A31B-F7F528CBC5B1} - C:\WINDOWS\System32\awvvw.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {98CC582F-5DAD-43DB-8ADA-5C9C3560554A} - C:\WINDOWS\System32\opnmkll.dll
O2 - BHO: (no name) - {E03C740E-BB24-4d3c-B92A-6F84DE1DD99C} - C:\WINDOWS\System32\dlfoiaru.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels1118.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Win32] eim.exe
O4 - HKLM\..\RunServices: [Win32] eim.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Win32] eim.exe
O4 - Global Startup: Akimania.com.lnk = C:\Program Files\Akimania.com\Pochette express pro v5.0\Akimania.com.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VPro500.lnk = C:\WINDOWS\VPro500.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{36FA681B-3082-4F32-8067-30F9E6507D06}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{610DCE3D-4DE2-40B7-936A-EA44585BDEF8}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{68533139-8343-4F56-8E22-4F1E7D876358}: NameServer = 212.30.96.108
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFC59596-D800-4661-A8B8-92D5F2FB6E6E}: NameServer = 212.30.96.108
O17 - HKLM\System\CS1\Services\Tcpip\..\{2D31FDF1-846D-4180-87B9-C6907FA20A4E}: NameServer = 212.30.96.108
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: IVMxlCYHN - {38529C79-92F8-36D3-08E3-4D4265BF510E} - C:\WINDOWS\System32\zsdm.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\12.tmp".exe (file missing)
O23 - Service: Windows Instrument Driver (WMID) - Unknown owner - C:\WINDOWS\instdrv.exe
Merci
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
18 févr. 2007 à 20:53
18 févr. 2007 à 20:53
bien,
télécharge l2mfix ici:
http://www.downloads.subratam.org/l2mfix.exe
Double-cliquer sur l2mfix.exe pour lancer l'extraction
Dans le dossier l2mfix, double clic sur l2mfix.bat, appuyer sur n'importe quelle touche puis choisir l'option #1 (et pas autre chose) et valider avec la touche entre.
Le bloc note va s'ouvrir avec le rsultat du scan.copie/colles le rapport ici
++
télécharge l2mfix ici:
http://www.downloads.subratam.org/l2mfix.exe
Double-cliquer sur l2mfix.exe pour lancer l'extraction
Dans le dossier l2mfix, double clic sur l2mfix.bat, appuyer sur n'importe quelle touche puis choisir l'option #1 (et pas autre chose) et valider avec la touche entre.
Le bloc note va s'ouvrir avec le rsultat du scan.copie/colles le rapport ici
++
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
18 févr. 2007 à 21:09
18 févr. 2007 à 21:09
retélécharge le et re-essaye ...
++
++
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
18 févr. 2007 à 21:22
18 févr. 2007 à 21:22
ok, passons,
fais les manips de ce lien stp :
virus methode preliminaire de desinfection version fr
@+
fais les manips de ce lien stp :
virus methode preliminaire de desinfection version fr
@+