Pubs +lenteur pc,voici mon rapport hijackthis
Résolu/Fermé
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
-
22 avril 2007 à 17:33
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 - 3 mai 2007 à 10:20
green day Messages postés 26371 Date d'inscription vendredi 30 septembre 2005 Statut Modérateur, Contributeur sécurité Dernière intervention 27 décembre 2019 - 3 mai 2007 à 10:20
A voir également:
- Pubs +lenteur pc,voici mon rapport hijackthis
- Lenteur pc - Guide
- Benchmark pc - Guide
- Mon pc s'allume mais ne démarre pas windows 10 - Guide
- Reinitialiser pc - Guide
- Whatsapp pc - Télécharger - Messagerie
77 réponses
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
28 avril 2007 à 13:46
28 avril 2007 à 13:46
Salut
marche pas le clic droit,le site est mort je pense...
marche pas le clic droit,le site est mort je pense...
balltrap34
Messages postés
16240
Date d'inscription
jeudi 8 janvier 2004
Statut
Contributeur sécurité
Dernière intervention
28 novembre 2009
331
28 avril 2007 à 15:30
28 avril 2007 à 15:30
salut
l adresse pour Winsoftware.bfu
http://www.alt-shift-return.org/Info/Fichi...Winsoftware.bfu
dans le rapport smitfraud fix il y a des traces de detournement dns
fait lui passer l option 5
et plusieur passage de vundofix
a++
l adresse pour Winsoftware.bfu
http://www.alt-shift-return.org/Info/Fichi...Winsoftware.bfu
dans le rapport smitfraud fix il y a des traces de detournement dns
fait lui passer l option 5
et plusieur passage de vundofix
a++
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
28 avril 2007 à 16:38
28 avril 2007 à 16:38
Merci :-)
Sly : essaye avec cette nouvelle adresse, puis, on fera l'option 5 avec smitfraud.fix
@+
Sly : essaye avec cette nouvelle adresse, puis, on fera l'option 5 avec smitfraud.fix
@+
Lyonnais92
Messages postés
25159
Date d'inscription
vendredi 23 juin 2006
Statut
Contributeur sécurité
Dernière intervention
16 septembre 2016
1 536
28 avril 2007 à 18:01
28 avril 2007 à 18:01
Bonjour,
décidement ce lien est difficile :
http://www.alt-shift-return.org/Info/Fichiers/Winsoftware.bfu
Bonne suite.
décidement ce lien est difficile :
http://www.alt-shift-return.org/Info/Fichiers/Winsoftware.bfu
Bonne suite.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
28 avril 2007 à 18:14
28 avril 2007 à 18:14
Salut
Je viens de retenter : clic droit < enregister la cible sous ...
et lorsque je veux l'ouvrir, il me demande avec quel programme l'ouvrir ???
merci à vous !
++
Je viens de retenter : clic droit < enregister la cible sous ...
et lorsque je veux l'ouvrir, il me demande avec quel programme l'ouvrir ???
merci à vous !
++
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
28 avril 2007 à 20:21
28 avril 2007 à 20:21
Bonsoir....et bien j'ai essayé tout les liens mais aucun ne marchent....
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
28 avril 2007 à 21:26
28 avril 2007 à 21:26
Oups !
il fallait que je résume le tout :)
Télécharge Brute Force Uninstaller (de Merijn) ici: http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU)
Ensuite, télécharge Winsoftware.bfu :
Fais un clik droit ici : http://www.alt-shift-return.org/Info/Fichiers/Winsoftware.bfu
et choisis
"Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica).
Sauvegarde dans le dossier créé (C:\BFU).
**Note : si tu utilises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : Winsoftware.bfu et BFU.exe (très important).
Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU)
- Clique sur le petit dossier jaune, et clique sur : Winsoftware.bfu
- Coches la case Show log after scrïpt ends
- Clique sur Execute pour que le fix fasse son boulot : Attends que le message Complete scrïpt execution apparaîsse et clique sur OK.
Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum.
Clique Exit pour fermer le programme BFU.
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
poste le rapport que tu auras sauvegarder stp
@+
il fallait que je résume le tout :)
Télécharge Brute Force Uninstaller (de Merijn) ici: http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement à la racine de ton disque dur ou l'endroit qui te convient, nomme ce dossier BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (par exemple C:\BFU)
Ensuite, télécharge Winsoftware.bfu :
Fais un clik droit ici : http://www.alt-shift-return.org/Info/Fichiers/Winsoftware.bfu
et choisis
"Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica).
Sauvegarde dans le dossier créé (C:\BFU).
**Note : si tu utilises Internet Explorer ; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : Winsoftware.bfu et BFU.exe (très important).
Lance "Brute Force Uninstaller" en double-cliquant BFU.exe (Dans le dossier C:\BFU)
- Clique sur le petit dossier jaune, et clique sur : Winsoftware.bfu
- Coches la case Show log after scrïpt ends
- Clique sur Execute pour que le fix fasse son boulot : Attends que le message Complete scrïpt execution apparaîsse et clique sur OK.
Un rapport va s'afficher dans la fenetre du programme, copie et colle dans le bloc-notes, puis sauvegardes le, tu le posteras plus tard sur le forum.
Clique Exit pour fermer le programme BFU.
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
poste le rapport que tu auras sauvegarder stp
@+
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
30 avril 2007 à 01:12
30 avril 2007 à 01:12
Salut Green day
Voila j ai fait comme tu m as dit et voila le rapport :
BFU v1.00.9
Windows XP SP1 (WinNT 5.01.2600 SP1)
Script started at 01:07:14, on 30/04/2007
Option Unload Explorer: Yes
Failed: ServiceStop FWSvc (service not found)
Failed: ServiceDisable FWSvc (service not found)
Failed: ServiceDelete FWSvc (service not found)
Failed: DllUnregister C:\Program Files\DriveCleaner 2006 Free\UDCPChk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\DriveCleaner 2006 Free\UDCShell.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\df_fixer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\df_proxy.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\ecc.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\esSPCheck.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FFWraper.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FixCore.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FiFxr5.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FTRec.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\MMFix.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\StrRes.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\compclr.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\df_fixer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\df_proxy.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\FFWrapr.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\flfxr10.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\FTRec.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\FxCore.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\MMFx.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\StrRes.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SystemDoctor 2006 Free\order.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006\AsAgents.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006\shellext.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\AsAgents.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\shellext.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\uwas6chk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\was6chk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\avkernel.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\IEFWBHO.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\libfn.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\rpt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\winpgi.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\compcln.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\df_fixer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\df_proxy.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\ffCom.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\FFWraper.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\FileTypeRecognizer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\FixCore.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\MMFix.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\OEDrop.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\StrRes.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\Companion Wizard\WapCHK.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinAntiSpyware 2006\was6chk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinAntiVirus Pro 2006\WapCHK.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinSoftware\CrXML.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinSoftware\PCheck.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Fichiers communs\WinFixer 2005\uwappchk.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\System32\SpOrder.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\syst32.dll|1 (file not found)
Failed: FileDelete C:\Program Files\Common Files\Companion Wizard\WapCHK{*}.dll (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.1\U*_*_*NetInstaller.exe (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.2\U*_*_*NetInstaller.exe (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.3\U*_*_*NetInstaller.exe (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.4\U*_*_*NetInstaller.exe (operation failed)
Failed: FolderDelete C:\Documents and Settings\marwoan\Application Data\systemdoctor 2006 free (folder not found)
Failed: FolderDelete C:\Documents and Settings\marwoan\Application Data\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\WinAntiVirus Corp (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ErrorSafe (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SystemDoctor 2006 Unregistered Version (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinAntiSpyware 2006 Scanner (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\SysProtect (folder not found)
Failed: FolderDelete C:\Program Files\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Error Safe (folder not found)
Failed: FolderDelete C:\Program Files\Error Safe Free (folder not found)
Failed: FolderDelete C:\Program Files\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\errorsafe free (folder not found)
Failed: FolderDelete C:\Program Files\SysProtect Free (folder not found)
Failed: FolderDelete C:\Program Files\SystemDoctor 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiSpyware 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiSpyware 2006 Scanner (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiVirus 2005 (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\WinPopupGuard 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\DriveCleaner 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\DriveCleaner Free (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\Error Safe (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\errorguard (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\SystemDoctor 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinSoftware (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\errorguard (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\SysProtect (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\SystemDoctor 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinSoftware (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\DriveCleaner 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\DriveCleaner Free (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\Error Safe (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\errorguard (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\SystemDoctor 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinAntivirus Pro 2007 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinSoftware (folder not found)
Failed: FolderDelete C:\WinAntiVirus Pro 2006 (folder not found)
Failed: FileDelete %USERPROFILE%\Cookies\*@*drivecleaner*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*errorsafe*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*systemdoctor*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*WinAntiSpyware*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*winantivirus*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*winfixer*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*yieldmanager*.txt (operation failed)
Failed: FolderDelete C:\Documents and Settings\marwoan\Local Settings\Temporary Internet Files\Content.IE5\BI0LHLBX (operation failed)
Failed: FolderDelete C:\Documents and Settings\marwoan\Local Settings\Temporary Internet Files\Content.IE5\K383QFON (operation failed)
Failed: FileDelete C:\DOCUME~1\marwoan\LOCALS~1\Temp\~DFC4AE.tmp (operation failed)
Script completed.
Ca m as pas l air tres super tout ca.... :(
Voila j ai fait comme tu m as dit et voila le rapport :
BFU v1.00.9
Windows XP SP1 (WinNT 5.01.2600 SP1)
Script started at 01:07:14, on 30/04/2007
Option Unload Explorer: Yes
Failed: ServiceStop FWSvc (service not found)
Failed: ServiceDisable FWSvc (service not found)
Failed: ServiceDelete FWSvc (service not found)
Failed: DllUnregister C:\Program Files\DriveCleaner 2006 Free\UDCPChk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\DriveCleaner 2006 Free\UDCShell.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\df_fixer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\df_proxy.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\ecc.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\esSPCheck.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FFWraper.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FixCore.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FiFxr5.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\FTRec.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\MMFix.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\ErrorSafe\StrRes.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\compclr.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\df_fixer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\df_proxy.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\FFWrapr.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\flfxr10.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\FTRec.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\FxCore.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\MMFx.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SysProtect\StrRes.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\SystemDoctor 2006 Free\order.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006\AsAgents.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006\shellext.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\AsAgents.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\shellext.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\uwas6chk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiSpyware 2006 Scanner\was6chk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\avkernel.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\IEFWBHO.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\libfn.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\rpt.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinAntiVirus Pro 2006\winpgi.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\compcln.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\df_fixer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\df_proxy.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\ffCom.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\FFWraper.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\FileTypeRecognizer.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\FixCore.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\MMFix.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\OEDrop.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\WinFixer 2005\StrRes.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\Companion Wizard\WapCHK.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinAntiSpyware 2006\was6chk.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinAntiVirus Pro 2006\WapCHK.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinSoftware\CrXML.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Common Files\WinSoftware\PCheck.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Fichiers communs\WinFixer 2005\uwappchk.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\System32\SpOrder.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\syst32.dll|1 (file not found)
Failed: FileDelete C:\Program Files\Common Files\Companion Wizard\WapCHK{*}.dll (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.1\U*_*_*NetInstaller.exe (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.2\U*_*_*NetInstaller.exe (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.3\U*_*_*NetInstaller.exe (operation failed)
Failed: FileDelete C:\WINDOWS\Downloaded Program Files\CONFLICT.4\U*_*_*NetInstaller.exe (operation failed)
Failed: FolderDelete C:\Documents and Settings\marwoan\Application Data\systemdoctor 2006 free (folder not found)
Failed: FolderDelete C:\Documents and Settings\marwoan\Application Data\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\WinAntiVirus Corp (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ErrorSafe (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SystemDoctor 2006 Unregistered Version (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinAntiSpyware 2006 Scanner (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\SysProtect (folder not found)
Failed: FolderDelete C:\Program Files\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Error Safe (folder not found)
Failed: FolderDelete C:\Program Files\Error Safe Free (folder not found)
Failed: FolderDelete C:\Program Files\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\errorsafe free (folder not found)
Failed: FolderDelete C:\Program Files\SysProtect Free (folder not found)
Failed: FolderDelete C:\Program Files\SystemDoctor 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiSpyware 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiSpyware 2006 Scanner (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiVirus 2005 (folder not found)
Failed: FolderDelete C:\Program Files\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\WinPopupGuard 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\DriveCleaner 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\DriveCleaner Free (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\Error Safe (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\errorguard (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\SystemDoctor 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Archivos comunes\WinSoftware (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\errorguard (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\SysProtect (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\SystemDoctor 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\WinSoftware (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\DriveCleaner 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\DriveCleaner 2006 Free (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\DriveCleaner Free (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\Error Safe (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\erroguard (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\errorguard (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\ErrorSafe (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\SystemDoctor 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinAntiSpyware 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinAntivirus Pro 2007 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinFixer 2005 (folder not found)
Failed: FolderDelete C:\Program Files\Fichiers communs\WinSoftware (folder not found)
Failed: FolderDelete C:\WinAntiVirus Pro 2006 (folder not found)
Failed: FileDelete %USERPROFILE%\Cookies\*@*drivecleaner*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*errorsafe*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*systemdoctor*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*WinAntiSpyware*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*winantivirus*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*winfixer*.txt (operation failed)
Failed: FileDelete %USERPROFILE%\Cookies\*@*yieldmanager*.txt (operation failed)
Failed: FolderDelete C:\Documents and Settings\marwoan\Local Settings\Temporary Internet Files\Content.IE5\BI0LHLBX (operation failed)
Failed: FolderDelete C:\Documents and Settings\marwoan\Local Settings\Temporary Internet Files\Content.IE5\K383QFON (operation failed)
Failed: FileDelete C:\DOCUME~1\marwoan\LOCALS~1\Temp\~DFC4AE.tmp (operation failed)
Script completed.
Ca m as pas l air tres super tout ca.... :(
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
30 avril 2007 à 10:24
30 avril 2007 à 10:24
Salut
passe ccleaner et vundo.fix en mode sans echec !
et poste celui de vundo stp
++
passe ccleaner et vundo.fix en mode sans echec !
et poste celui de vundo stp
++
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
30 avril 2007 à 21:25
30 avril 2007 à 21:25
Salut!!
Voila ce que ca donne :
VundoFix V6.3.21
Checking Java version...
Sun Java not detected
Scan started at 21:11:10 30/04/2007
Listing files found while scanning....
C:\WINDOWS\system32\boffbubd.dll
C:\WINDOWS\system32\dbubffob.ini
C:\WINDOWS\System32\gfhkj.bak1
C:\WINDOWS\System32\gfhkj.bak2
C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\system32\gwfuaqbu.dll
C:\WINDOWS\system32\hfjmwxpb.dll
C:\WINDOWS\system32\hgkpnhul.dll
C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\luhnpkgh.ini
C:\WINDOWS\system32\wuwrogsk.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\boffbubd.dll
C:\WINDOWS\system32\boffbubd.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\dbubffob.ini
C:\WINDOWS\system32\dbubffob.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.bak1
C:\WINDOWS\System32\gfhkj.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.bak2
C:\WINDOWS\System32\gfhkj.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\gwfuaqbu.dll
C:\WINDOWS\system32\gwfuaqbu.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hfjmwxpb.dll
C:\WINDOWS\system32\hfjmwxpb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hgkpnhul.dll
C:\WINDOWS\system32\hgkpnhul.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\jkhfg.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\jkkijkh.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\luhnpkgh.ini
C:\WINDOWS\system32\luhnpkgh.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\wuwrogsk.dll
C:\WINDOWS\system32\wuwrogsk.dll Has been deleted!
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\jkhfg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\jkkijkh.dll Has been deleted!
Performing Repairs to the registry.
Done!
Qu en pense tu? :)
Voila ce que ca donne :
VundoFix V6.3.21
Checking Java version...
Sun Java not detected
Scan started at 21:11:10 30/04/2007
Listing files found while scanning....
C:\WINDOWS\system32\boffbubd.dll
C:\WINDOWS\system32\dbubffob.ini
C:\WINDOWS\System32\gfhkj.bak1
C:\WINDOWS\System32\gfhkj.bak2
C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\system32\gwfuaqbu.dll
C:\WINDOWS\system32\hfjmwxpb.dll
C:\WINDOWS\system32\hgkpnhul.dll
C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\luhnpkgh.ini
C:\WINDOWS\system32\wuwrogsk.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\boffbubd.dll
C:\WINDOWS\system32\boffbubd.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\dbubffob.ini
C:\WINDOWS\system32\dbubffob.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.bak1
C:\WINDOWS\System32\gfhkj.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.bak2
C:\WINDOWS\System32\gfhkj.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\gwfuaqbu.dll
C:\WINDOWS\system32\gwfuaqbu.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hfjmwxpb.dll
C:\WINDOWS\system32\hfjmwxpb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hgkpnhul.dll
C:\WINDOWS\system32\hgkpnhul.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\jkhfg.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\jkkijkh.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\luhnpkgh.ini
C:\WINDOWS\system32\luhnpkgh.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\wuwrogsk.dll
C:\WINDOWS\system32\wuwrogsk.dll Has been deleted!
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\jkhfg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\jkkijkh.dll Has been deleted!
Performing Repairs to the registry.
Done!
Qu en pense tu? :)
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
30 avril 2007 à 21:44
30 avril 2007 à 21:44
Could not be deleted ... toujours les mêmes ...
Télécharge ComboFix (par sUBs) d'un de ces liens sur ton bureau:
http://www.techsupportforum.com/sectools/combofix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe et suis les invites, à la fin poste le rapport stp
++
Télécharge ComboFix (par sUBs) d'un de ces liens sur ton bureau:
http://www.techsupportforum.com/sectools/combofix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe et suis les invites, à la fin poste le rapport stp
++
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
1 mai 2007 à 20:34
1 mai 2007 à 20:34
Salut green day !!
Ah lol je croyai ca avai viré apres le redemarrage du PC pq c etait marquer: "Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\jkhfg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\jkkijkh.dll Has been deleted!
Performing Repairs to the registry.
Done! "
Sinon j ai fait comme tu m as dit avec combofix et voila le rapport :
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\marwoan\Bureau\"
((((((((((((((((((((((((((((((( Files Created from 2007-04-01 to 2007-05-01 ))))))))))))))))))))))))))))))))))
2007-04-30 21:11 <REP> d-------- C:\VundoFix Backups
2007-04-28 14:17 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-24 13:15 <REP> d-------- C:\Hijackthis
2007-04-22 22:28 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-04-22 22:24 <REP> d-------- C:\Avg spyware
2007-04-22 21:48 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-04-22 21:48 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-04-22 21:48 2,484 --a------ C:\WINDOWS\system32\tmp.reg
2007-04-22 21:08 497,538 --------- C:\WINDOWS\system32\pstwa.bak1
2007-04-22 21:08 281,172 --ahs---- C:\WINDOWS\system32\awtsp.dll.vir
2007-04-22 21:02 73,728 --a------ C:\WINDOWS\system32\pv.exe
2007-04-22 21:02 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2007-04-22 21:02 175,616 --a------ C:\WINDOWS\system32\strings.exe
2007-04-22 21:02 16,384 --a------ C:\WINDOWS\system32\restart.exe
2007-04-22 21:02 126,976 --a------ C:\WINDOWS\system32\zip.exe
2007-04-22 21:02 11,254 --a------ C:\WINDOWS\system32\locate.com
2007-04-22 17:12 497,498 --------- C:\WINDOWS\system32\qttss.bak1
2007-04-22 15:45 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-04-22 11:14 26,714 --a------ C:\WINDOWS\system32\cbxvwxv.dll
2007-04-21 22:28 26,714 --a------ C:\WINDOWS\system32\opnoomk(2).dll
2007-04-21 20:46 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft(2)
2007-04-21 19:50 26,714 --a------ C:\WINDOWS\system32\opnkihf(2).dll
2007-04-21 19:37 26,714 --a------ C:\WINDOWS\system32\pmnoppq(2).dll
2007-04-20 15:55 4,456,448 --a------ C:\DOCUME~1\marwoan\ntuser.dat
2007-04-19 18:02 26,714 --a------ C:\WINDOWS\system32\efccaxw.dll.vir
2007-04-19 11:57 26,714 --a------ C:\WINDOWS\system32\ddcyyyw.dll
2007-04-18 12:24 26,714 --a------ C:\WINDOWS\system32\hgghfgf.dll
2007-04-17 16:42 26,714 --a------ C:\WINDOWS\system32\ljjghhi.dll
2007-04-17 16:31 <REP> d-------- C:\Ccleaner
2007-04-16 17:25 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-16 17:23 <REP> d-------- C:\Spybot
2007-04-16 12:33 26,714 --a------ C:\WINDOWS\system32\awtqrqp.dll
2007-04-14 10:20 26,714 --a------ C:\WINDOWS\system32\gebbaya.dll
2007-04-06 12:35 2,903 --------- C:\WINDOWS\system32\vyadd.ini2
2007-04-01 21:51 <REP> d-------- C:\QuickZip
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-05-01 13:08 1825 --a------ C:\DOCUME~1\marwoan\APPLIC~1\quickzip45.ini
2007-04-25 01:07 71248 --a------ C:\WINDOWS\system32\perfc00c.dat
2007-04-25 01:07 458230 --a------ C:\WINDOWS\system32\perfh00c.dat
2007-03-31 05:16 31844 --------- C:\WINDOWS\system32\awvtt.exe
2007-03-30 16:54 -------- d-------- C:\DOCUME~1\marwoan\APPLIC~1\secondlife
2007-03-29 14:06 -------- d-------- C:\DOCUME~1\marwoan\APPLIC~1\pc suite
2007-03-20 20:25 39 --a------ C:\WINDOWS\winomnifile.dat
2007-03-04 17:47 -------- d-------- C:\Program Files\Fichiers communs\real
2007-02-12 19:29 59232 --a------ C:\WINDOWS\system32\sourceplug.dll
2007-02-12 19:29 257376 --a------ C:\WINDOWS\system32\medialogic.dll
2007-02-09 19:34 57344 --a------ C:\WINDOWS\system32\kdfapi.dll
2007-02-09 19:34 48128 --a------ C:\WINDOWS\system32\kdfhok.dll
2007-02-09 19:34 155648 --a------ C:\WINDOWS\system32\kdfmgr.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Adobe reader\ActiveX\AcroIEHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"BluetoothAuthenticationAgent"="rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent"
"SoundMan"="SOUNDMAN.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AGRSMMSG"="AGRSMMSG.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"VX3000"="C:\\WINDOWS\\vVX3000.exe"
"ISUSPM Startup"="C:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1156517496.job
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-01 20:30:59
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-05-01 20:31:03
C:\ComboFix-quarantined-files.txt ... 07-05-01 20:31
Ah lol je croyai ca avai viré apres le redemarrage du PC pq c etait marquer: "Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\jkhfg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkijkh.dll
C:\WINDOWS\system32\jkkijkh.dll Has been deleted!
Performing Repairs to the registry.
Done! "
Sinon j ai fait comme tu m as dit avec combofix et voila le rapport :
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\marwoan\Bureau\"
((((((((((((((((((((((((((((((( Files Created from 2007-04-01 to 2007-05-01 ))))))))))))))))))))))))))))))))))
2007-04-30 21:11 <REP> d-------- C:\VundoFix Backups
2007-04-28 14:17 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-24 13:15 <REP> d-------- C:\Hijackthis
2007-04-22 22:28 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-04-22 22:24 <REP> d-------- C:\Avg spyware
2007-04-22 21:48 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-04-22 21:48 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-04-22 21:48 2,484 --a------ C:\WINDOWS\system32\tmp.reg
2007-04-22 21:08 497,538 --------- C:\WINDOWS\system32\pstwa.bak1
2007-04-22 21:08 281,172 --ahs---- C:\WINDOWS\system32\awtsp.dll.vir
2007-04-22 21:02 73,728 --a------ C:\WINDOWS\system32\pv.exe
2007-04-22 21:02 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2007-04-22 21:02 175,616 --a------ C:\WINDOWS\system32\strings.exe
2007-04-22 21:02 16,384 --a------ C:\WINDOWS\system32\restart.exe
2007-04-22 21:02 126,976 --a------ C:\WINDOWS\system32\zip.exe
2007-04-22 21:02 11,254 --a------ C:\WINDOWS\system32\locate.com
2007-04-22 17:12 497,498 --------- C:\WINDOWS\system32\qttss.bak1
2007-04-22 15:45 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-04-22 11:14 26,714 --a------ C:\WINDOWS\system32\cbxvwxv.dll
2007-04-21 22:28 26,714 --a------ C:\WINDOWS\system32\opnoomk(2).dll
2007-04-21 20:46 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft(2)
2007-04-21 19:50 26,714 --a------ C:\WINDOWS\system32\opnkihf(2).dll
2007-04-21 19:37 26,714 --a------ C:\WINDOWS\system32\pmnoppq(2).dll
2007-04-20 15:55 4,456,448 --a------ C:\DOCUME~1\marwoan\ntuser.dat
2007-04-19 18:02 26,714 --a------ C:\WINDOWS\system32\efccaxw.dll.vir
2007-04-19 11:57 26,714 --a------ C:\WINDOWS\system32\ddcyyyw.dll
2007-04-18 12:24 26,714 --a------ C:\WINDOWS\system32\hgghfgf.dll
2007-04-17 16:42 26,714 --a------ C:\WINDOWS\system32\ljjghhi.dll
2007-04-17 16:31 <REP> d-------- C:\Ccleaner
2007-04-16 17:25 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-16 17:23 <REP> d-------- C:\Spybot
2007-04-16 12:33 26,714 --a------ C:\WINDOWS\system32\awtqrqp.dll
2007-04-14 10:20 26,714 --a------ C:\WINDOWS\system32\gebbaya.dll
2007-04-06 12:35 2,903 --------- C:\WINDOWS\system32\vyadd.ini2
2007-04-01 21:51 <REP> d-------- C:\QuickZip
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-05-01 13:08 1825 --a------ C:\DOCUME~1\marwoan\APPLIC~1\quickzip45.ini
2007-04-25 01:07 71248 --a------ C:\WINDOWS\system32\perfc00c.dat
2007-04-25 01:07 458230 --a------ C:\WINDOWS\system32\perfh00c.dat
2007-03-31 05:16 31844 --------- C:\WINDOWS\system32\awvtt.exe
2007-03-30 16:54 -------- d-------- C:\DOCUME~1\marwoan\APPLIC~1\secondlife
2007-03-29 14:06 -------- d-------- C:\DOCUME~1\marwoan\APPLIC~1\pc suite
2007-03-20 20:25 39 --a------ C:\WINDOWS\winomnifile.dat
2007-03-04 17:47 -------- d-------- C:\Program Files\Fichiers communs\real
2007-02-12 19:29 59232 --a------ C:\WINDOWS\system32\sourceplug.dll
2007-02-12 19:29 257376 --a------ C:\WINDOWS\system32\medialogic.dll
2007-02-09 19:34 57344 --a------ C:\WINDOWS\system32\kdfapi.dll
2007-02-09 19:34 48128 --a------ C:\WINDOWS\system32\kdfhok.dll
2007-02-09 19:34 155648 --a------ C:\WINDOWS\system32\kdfmgr.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Adobe reader\ActiveX\AcroIEHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"BluetoothAuthenticationAgent"="rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent"
"SoundMan"="SOUNDMAN.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AGRSMMSG"="AGRSMMSG.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"VX3000"="C:\\WINDOWS\\vVX3000.exe"
"ISUSPM Startup"="C:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1156517496.job
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-01 20:30:59
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-05-01 20:31:03
C:\ComboFix-quarantined-files.txt ... 07-05-01 20:31
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
1 mai 2007 à 21:18
1 mai 2007 à 21:18
Salut
je crois que c'est enfin parti :)
poste un nouveau hijack stp
++
je crois que c'est enfin parti :)
poste un nouveau hijack stp
++
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
2 mai 2007 à 09:08
2 mai 2007 à 09:08
Salut green !
YEahhh waouuu lol Number one donc c est Vundo :)
En tout cas merci pour tout green day :)
Voila je te poste le rapport hijackthis en esperant que c est positif :)
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:06:25, on 02/05/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Imprimante\Digital Imaging\bin\hpohmr08.exe
C:\Avg spyware\AVG Anti-Spyware 7.5\guard.exe
C:\Imprimante\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Imprimante\Digital Imaging\bin\hpoevm08.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Imprimante\Digital Imaging\Bin\hpoSTS08.exe
C:\Spybot\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Hijackthis\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2A220FAB-5BDA-4DBE-BEEC-691E5CE84903} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {1E15B1A7-95CA-4377-B893-697CD95951AE} (ClientATXCtrl Control) - http://www.wayi.com.tw/gameup/ClientATXCtrl.OCX
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by140fd.bay140.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} - http://monatoweb.nefficient.co.kr/monatoweb/inca/nProtect/Netizen/npx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.gamengame.com/KALogoutComponent.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F2D47376-7118-421F-AD84-4D4AEA43005C} (SpyDrRun Control) - http://down.spy-dr.co.kr/spydr/partner/activex/SpyDrRun.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Avg spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
YEahhh waouuu lol Number one donc c est Vundo :)
En tout cas merci pour tout green day :)
Voila je te poste le rapport hijackthis en esperant que c est positif :)
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:06:25, on 02/05/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Imprimante\Digital Imaging\bin\hpohmr08.exe
C:\Avg spyware\AVG Anti-Spyware 7.5\guard.exe
C:\Imprimante\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Imprimante\Digital Imaging\bin\hpoevm08.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Imprimante\Digital Imaging\Bin\hpoSTS08.exe
C:\Spybot\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Hijackthis\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2A220FAB-5BDA-4DBE-BEEC-691E5CE84903} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Telechargeur\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .avi: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {1E15B1A7-95CA-4377-B893-697CD95951AE} (ClientATXCtrl Control) - http://www.wayi.com.tw/gameup/ClientATXCtrl.OCX
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by140fd.bay140.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} - http://monatoweb.nefficient.co.kr/monatoweb/inca/nProtect/Netizen/npx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.gamengame.com/KALogoutComponent.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F2D47376-7118-421F-AD84-4D4AEA43005C} (SpyDrRun Control) - http://down.spy-dr.co.kr/spydr/partner/activex/SpyDrRun.cab
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Avg spyware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
2 mai 2007 à 20:56
2 mai 2007 à 20:56
Salut :-)
c'est nickel !
petit détail au passage : ligne à fixer !
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O16 - DPF: {1E15B1A7-95CA-4377-B893-697CD95951AE} (ClientATXCtrl Control) - http://www.wayi.com.tw/gameup/ClientATXCtrl.OCX
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by140fd.bay140.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} - http://monatoweb.nefficient.co.kr/monatoweb/inca/nProtect/Netizen/npx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.gamengame.com/KALogoutComponent.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F2D47376-7118-421F-AD84-4D4AEA43005C} (SpyDrRun Control) - http://down.spy-dr.co.kr/spydr/partner/activex/SpyDrRun.cab
et tu installe un parefeu !
voir ici : securite proteger un ordinateur contre les malwares d internet
@+
;-))
c'est nickel !
petit détail au passage : ligne à fixer !
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O16 - DPF: {1E15B1A7-95CA-4377-B893-697CD95951AE} (ClientATXCtrl Control) - http://www.wayi.com.tw/gameup/ClientATXCtrl.OCX
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by140fd.bay140.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} - http://monatoweb.nefficient.co.kr/monatoweb/inca/nProtect/Netizen/npx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.gamengame.com/KALogoutComponent.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F2D47376-7118-421F-AD84-4D4AEA43005C} (SpyDrRun Control) - http://down.spy-dr.co.kr/spydr/partner/activex/SpyDrRun.cab
et tu installe un parefeu !
voir ici : securite proteger un ordinateur contre les malwares d internet
@+
;-))
sly4ever
Messages postés
44
Date d'inscription
samedi 21 avril 2007
Statut
Membre
Dernière intervention
3 mai 2007
3 mai 2007 à 09:22
3 mai 2007 à 09:22
Salut!
Super, j ai fait t es derniere instructions et installé un par feu conseiller dans ton lien :)
Il est temps de te dire un grand merci pour ton aide sans quoi j aurai ete noyé de trojan et virus ;)
Et bonne continuation !
salut
Super, j ai fait t es derniere instructions et installé un par feu conseiller dans ton lien :)
Il est temps de te dire un grand merci pour ton aide sans quoi j aurai ete noyé de trojan et virus ;)
Et bonne continuation !
salut
green day
Messages postés
26371
Date d'inscription
vendredi 30 septembre 2005
Statut
Modérateur, Contributeur sécurité
Dernière intervention
27 décembre 2019
2 162
3 mai 2007 à 10:20
3 mai 2007 à 10:20
Salut !
Pas d'quoi
Bonne continuation itoo ... ;-))
++
Pas d'quoi
Bonne continuation itoo ... ;-))
++
