Sujet Précédent Sujet Suivant

Au secours fenetre intempestive sous vista

Résolu/Fermé
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 - 7 août 2007 à 12:02
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 7 août 2007 à 18:10
BOnjour je suis totalement perdu je suis sous vista j'ai des fenetres intempestives qui viennent des que je navigue sur le net (mozilla et ie) IE ne fonctionne plus et il rame.Et depuis un dcertain tps c'est même mon ordi perso(mes doc ou autre) qui rame.J'ai essayé plusieurs façon de tout nettoyer en regardant les forums mais rien ne fonctionne sous vista je vous envoie mon rapport hijack SVP aidez moi j'en peux plus!!!!!!!
Logfile of HijackThis v1.99.1
Scan saved at 11:27:27, on 07/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=about%3ablank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=about%3ablank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67ed9c6b-18be-448e-89c7-116115b289cf} - C:\Windows\system32\modapi.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: c:\windows\system32\jkkjhhi.dll
O20 - Winlogon Notify: modapi - C:\Windows\SYSTEM32\modapi.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
A voir également:

14 réponses

Réponse 1 / 14
fausty66 Messages postés 54 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 9 août 2007 7
7 août 2007 à 12:11
salut, telecharge avast version familiale www.avast.com,installe et dis oui a voulez faire un scan au demarrage ensuite lis les propostion faites par l'interface.

Esta la vista
0
Réponse 2 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
Modifié le 7 août 2007 à 18:10
non il a norton deja comme antivirus

_______________

scan avec des antiespions (en mode sans échec):

spybot :
https://www.commentcamarche.net/telecharger/securite/20939-spybot-search-and-destroy/

voir demo d utilisation (merci Balltrap)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

AD AWARE:
http://www.commentcamarche.net/download/telecharger-83-ad-aware-free-antivirus
---------------------

puis fait la deuxieme methode ici et clean



popups ouverture de fenetres internet publicitaires pop up


_________________

Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.

* Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
* Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
* Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.

http://kerio.probb.fr/tuto-Clean-h37.html
0
Réponse 3 / 14
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 2
7 août 2007 à 12:27
je ne vais pas utiliser la 1ere methode car elle n'est valable que sur xp donc je passe directement sur clean.En se qui concerne spybot et ad award en mode sans echec je l'ai fait plusieur fois sans resultat .Donc je fais le clean et je te repond.Merci
0
Réponse 4 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 août 2007 à 12:31
j'avais pas dis la premiere methode mais la deuxieme methode !!!!!!





popups ouverture de fenetres internet publicitaires pop up
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
fausty66 Messages postés 54 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 9 août 2007 7
7 août 2007 à 12:37
Laisse tomber norton ,lourd et gourmand en memoire et faillible pour les spywares et autres petite bete
0
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 août 2007 à 12:38
conseille plutot antvir a avast en gratuit

https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
0
^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020 3 275
7 août 2007 à 12:39
faillible pour les spywares et autres petite bete
Avast aussi...

Le risque zéro n'existe pas ;)
0
fausty66 Messages postés 54 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 9 août 2007 7 > ^^Marie^^ Messages postés 113901 Date d'inscription mardi 6 septembre 2005 Statut Membre Dernière intervention 28 août 2020
7 août 2007 à 13:00
C'est vrai mais il est gratuit (merci a l'editeur) et bien ecrit.
0
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 2
7 août 2007 à 12:45
je fais le scan avec black light ensuite je fais tout ce que l'on me dit sur la methode 2 puis quand j'ai fini je fais un rapport clean et je t'envoie tout avec le rapportblack light ok?
0
Réponse 6 / 14
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 2
7 août 2007 à 12:50
le scan avec blacklight n'a rien donné je t'envoie les deux rapport que j'ai
blacklight:
08/07/07 12:37:32 [Info]: BlackLight Engine 1.0.64 initialized
08/07/07 12:37:32 [Info]: OS: 6.0 build 6000 ()
08/07/07 12:37:32 [Note]: 7019 4
08/07/07 12:37:32 [Note]: 7005 0
08/07/07 12:37:45 [Note]: 7006 0
08/07/07 12:37:45 [Note]: 7027 0
08/07/07 12:37:45 [Note]: 7026 0
08/07/07 12:37:45 [Note]: 7026 0
08/07/07 12:37:47 [Note]: FSRAW library version 1.7.1022
08/07/07 12:45:35 [Note]: 7007 0

et le rapport clean:
07/08/2007 a 12:30:20,73

*** Recherche C:

*** Recherche C:\Windows\

*** Recherche C:\Windows\system32
C:\Windows\system32\wininit.exe FOUND
C:\Windows\system32\wininit.exe FOUND

*** Recherche C:\Program Files
"C:\Program Files\PokerStars\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** End of the report !
Voila, n'ayant rien trouvé avec blacklight je n'ai pas continué la methode 2puisqu'il n'a pas trouvé d'infection.
0
Réponse 7 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 août 2007 à 13:58
encore des pubs?
0
Réponse 8 / 14
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 2
7 août 2007 à 13:58
voila je viens de faire un scan avec antivir il m'a trouvé 59 infection que j'ai mis en quarantaine quelqu'un peut-il m'aider voici le rapport :
AntiVir PersonalEdition Classic
Report file date: mardi 7 août 2007 13:18

Scanning for 1004132 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: jonathan
Computer name: STADE-VELODROME

Version information:
BUILD.DAT : 247 14437 Bytes 10/05/2007 11:55:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 11:16:53
ANTIVIR2.VDF : 6.39.0.207 1077248 Bytes 02/08/2007 11:16:53
ANTIVIR3.VDF : 6.39.0.217 96256 Bytes 07/08/2007 11:16:54
AVEWIN32.DLL : 7.4.0.57 2707968 Bytes 07/08/2007 11:16:54
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 07/08/2007 11:16:54
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: I:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 7 août 2007 13:18

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'VSSVC.exe' - '0' Module(s) have been scanned
Scan process 'mobsync.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'CPSHelpRunner.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '0' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '0' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '0' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'guard.exe' - '0' Module(s) have been scanned
Scan process 'aawservice.exe' - '0' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'SmpSys.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'RoxWatchTray9.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '0' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'AppSvc32.exe' - '0' Module(s) have been scanned
Scan process 'ccSvcHst.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'SLsvc.exe' - '0' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '0' Module(s) have been scanned
Scan process 'lsm.exe' - '0' Module(s) have been scanned
Scan process 'lsass.exe' - '0' Module(s) have been scanned
Scan process 'services.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'wininit.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'smss.exe' - '0' Module(s) have been scanned
19 processes with 19 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0005
[NOTE] Please restart the search with Administrator rights
Boot sector 'E:\'
[NOTE] In the drive 'E:\' no data medium is inserted!
Boot sector 'F:\'
[NOTE] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '23' files ).


Starting the file scan:

Begin scan in 'C:\' <HDD>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VBDCAAK\ffa_dn[2]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4719591c.qua'!
C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VBDCAAK\nauj[1]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472d591b.qua'!
C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OENC1JV\kcehc_eicooc20070702[1]
[DETECTION] Is the Trojan horse TR/Click.MNB
[INFO] The file was moved to '471d5920.qua'!
C:\Users\jonathan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JSRKAJT8\dedamisha[1]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '471c5925.qua'!
C:\Users\jonathan\AppData\Local\Temp\tmp3D20.tmp.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '47285967.qua'!
C:\Users\jonathan\AppData\Local\Temp\tmp82E4.tmp.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '4728596a.qua'!
C:\Users\jonathan\AppData\Local\Temp\tmp9E25.tmp.dll
[DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
[INFO] The file was moved to '4728596d.qua'!
C:\Users\jonathan\AppData\Roaming\tmp144B.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47285998.qua'!
C:\Users\jonathan\AppData\Roaming\tmp14E5.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4728599b.qua'!
C:\Users\jonathan\AppData\Roaming\tmp1817.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4728599e.qua'!
C:\Users\jonathan\AppData\Roaming\tmp1D45.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859a1.qua'!
C:\Users\jonathan\AppData\Roaming\tmp26FB.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859a4.qua'!
C:\Users\jonathan\AppData\Roaming\tmp2A67.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859a7.qua'!
C:\Users\jonathan\AppData\Roaming\tmp2AC5.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859ac.qua'!
C:\Users\jonathan\AppData\Roaming\tmp3158.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f11.qua'!
C:\Users\jonathan\AppData\Roaming\tmp3390.tmp.exe
[DETECTION] Is the Trojan horse TR/Click.MNB
[INFO] The file was moved to '472859ae.qua'!
C:\Users\jonathan\AppData\Roaming\tmp3D20.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859ad.qua'!
C:\Users\jonathan\AppData\Roaming\tmp3F8C.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f12.qua'!
C:\Users\jonathan\AppData\Roaming\tmp42A3.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859af.qua'!
C:\Users\jonathan\AppData\Roaming\tmp57E1.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f0c.qua'!
C:\Users\jonathan\AppData\Roaming\tmp6BDE.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f13.qua'!
C:\Users\jonathan\AppData\Roaming\tmp6DF2.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859a8.qua'!
C:\Users\jonathan\AppData\Roaming\tmp6E52.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f15.qua'!
C:\Users\jonathan\AppData\Roaming\tmp7577.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b0.qua'!
C:\Users\jonathan\AppData\Roaming\tmp78DC.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f0d.qua'!
C:\Users\jonathan\AppData\Roaming\tmp80E.tmp.exe
[DETECTION] Is the Trojan horse TR/Click.MNB
[INFO] The file was moved to '45439355.qua'!
C:\Users\jonathan\AppData\Roaming\tmp812.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b2.qua'!
C:\Users\jonathan\AppData\Roaming\tmp82E4.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b1.qua'!
C:\Users\jonathan\AppData\Roaming\tmp8358.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f0e.qua'!
C:\Users\jonathan\AppData\Roaming\tmp8391.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b3.qua'!
C:\Users\jonathan\AppData\Roaming\tmp8E97.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f0f.qua'!
C:\Users\jonathan\AppData\Roaming\tmp8F37.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859aa.qua'!
C:\Users\jonathan\AppData\Roaming\tmp91D8.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f17.qua'!
C:\Users\jonathan\AppData\Roaming\tmp9710.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f19.qua'!
C:\Users\jonathan\AppData\Roaming\tmp979C.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f08.qua'!
C:\Users\jonathan\AppData\Roaming\tmp9E25.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b5.qua'!
C:\Users\jonathan\AppData\Roaming\tmpA1DB.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f0a.qua'!
C:\Users\jonathan\AppData\Roaming\tmpA839.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b4.qua'!
C:\Users\jonathan\AppData\Roaming\tmpAE5D.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f09.qua'!
C:\Users\jonathan\AppData\Roaming\tmpB009.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b6.qua'!
C:\Users\jonathan\AppData\Roaming\tmpB685.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b7.qua'!
C:\Users\jonathan\AppData\Roaming\tmpB7C3.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f04.qua'!
C:\Users\jonathan\AppData\Roaming\tmpB85E.tmp.exe
[DETECTION] Is the Trojan horse TR/Click.MNB
[INFO] The file was moved to '45439352.qua'!
C:\Users\jonathan\AppData\Roaming\tmpC15A.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b9.qua'!
C:\Users\jonathan\AppData\Roaming\tmpCDDD.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f0b.qua'!
C:\Users\jonathan\AppData\Roaming\tmpD3A0.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859a6.qua'!
C:\Users\jonathan\AppData\Roaming\tmpD7B4.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f1b.qua'!
C:\Users\jonathan\AppData\Roaming\tmpDA76.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f06.qua'!
C:\Users\jonathan\AppData\Roaming\tmpE7E4.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859bb.qua'!
C:\Users\jonathan\AppData\Roaming\tmpEC14.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f00.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF11D.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859bd.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF153.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859b8.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF156.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f05.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF2BA.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859ba.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF2F6.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f02.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF5F5.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859bf.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF6FE.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f7c.qua'!
C:\Users\jonathan\AppData\Roaming\tmpF85.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '45439f07.qua'!
C:\Users\jonathan\AppData\Roaming\tmpFB3E.tmp.exe
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '472859a0.qua'!
C:\Windows\System32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'G:\'
Search path G:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'H:\'
Search path H:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'D:\'
Search path D:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'I:\'
Search path I:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: mardi 7 août 2007 13:50
Used time: 32:38 min

The scan has been done completely.

12920 Scanning directories
247989 Files were scanned
59 viruses and/or unwanted programs were found
0 classified as suspicious:
0 files were deleted
0 files were repaired
59 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
247930 Files not concerned
2243 Archives were scanned
3 Warnings
5 Notes
0 Hidden objects were found
0
Réponse 9 / 14
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 2
7 août 2007 à 14:23
en fait je suis en train de voir qu'il n'y a plus de pub mais quand je veux rentrer dans mes doc ou dans le disque dur de mon pc pour ouvrir un dossier j'ai l'ordi qui rame et je ne peux rien ouvrir merci encore pour tes reponses rapides JLPJLP.
0
Réponse 10 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 août 2007 à 14:23
tout à été mis en quarantaine
supprime ce qui est en quarantaine
puis rescanne avec


_______________

combofix (colle le rapport)

http://mickael.barroux.free.fr/securite/combofix.php










__________________


si tes pubs persistent:

colle un rapport hijackthis
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html


manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
0
Réponse 11 / 14
fausty66 Messages postés 54 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 9 août 2007 7
7 août 2007 à 14:23
CA avance bien ,si tu as fait un petit coup avec cleaner (remove fichiers temporaires) c'est encore mieux.
0
Réponse 12 / 14
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 2
7 août 2007 à 14:42
pour les fenetres intempestives je crois que c'est bon merci combofix n'est pas compatible vista ,et si ce n'est pas trop vous demander avez vous une solution pour mon probleme au niveau des ouverture de mes docs et de l'ouverture de mon disque dur
0
Réponse 13 / 14
jonathandu13 Messages postés 15 Date d'inscription mardi 7 août 2007 Statut Membre Dernière intervention 8 août 2007 2
7 août 2007 à 14:45
c'est bon tout refonctionne comme il faut MERCI MERCI MERCI MERCI jlpjlp F.O.R.M.I.D.A.B.L.E.
0
Réponse 14 / 14
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
7 août 2007 à 18:10
si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans puis réactive là (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)
------------------



utilise aussi pour supprimer tes traces

CCLEANER: (lance un nettoyage et répare erreurs) sans la barre yahoo

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html







a plus
0

Discussions similaires

autocad :fenetre ouvir/enrigistrer a disparu
pierrrou -
Pnic974 -

65 réponses
j'ai perdu mon mot de passe sous vista
gregos -
Samy -

9 réponses
Caler une adresse au niveau de la fenêtre d'une enveloppe
®omain -
kent -

15 réponses