Redirection vers pub depuis google.
Fermé
Soari.
-
25 oct. 2007 à 15:48
Megan Fox Messages postés 410 Date d'inscription mercredi 8 août 2007 Statut Membre Dernière intervention 10 juin 2011 - 25 oct. 2007 à 20:20
Megan Fox Messages postés 410 Date d'inscription mercredi 8 août 2007 Statut Membre Dernière intervention 10 juin 2011 - 25 oct. 2007 à 20:20
A voir également:
- Redirection vers pub depuis google.
- Google maps satellite - Guide
- Dns google - Guide
- Youtube sans pub - Accueil - Streaming
- Google earth - Télécharger - 3D
- Netflix avec pub avis - Accueil - Streaming
7 réponses
Megan Fox
Messages postés
410
Date d'inscription
mercredi 8 août 2007
Statut
Membre
Dernière intervention
10 juin 2011
9
25 oct. 2007 à 16:00
25 oct. 2007 à 16:00
Salut Soari,
On va regarder pour commencer avec un log hijackthis
* Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre-le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
Clique sur "do a system scan and save logfile" (cf démo)
Faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
A+
On va regarder pour commencer avec un log hijackthis
* Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre-le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
Clique sur "do a system scan and save logfile" (cf démo)
Faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
A+
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:07:30, on 25/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\lxcfcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 72.30.186.56 babelfish.yahoo.com
O1 - Hosts: 208.254.7.195 www.warhammeronline.com
O1 - Hosts: 193.252.123.5 www.war-europe.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{2164E559-AF26-49C3-990A-126AA5353C1F}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{3087229C-12A5-431E-AEE2-2DA5C4E5E990}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{70C170C4-38F4-4AB7-8FB6-613799517612}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.51 85.255.112.158
O17 - HKLM\System\CS1\Services\Tcpip\..\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.51 85.255.112.158
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Scan saved at 16:07:30, on 25/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\lxcfcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HiJackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 72.30.186.56 babelfish.yahoo.com
O1 - Hosts: 208.254.7.195 www.warhammeronline.com
O1 - Hosts: 193.252.123.5 www.war-europe.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{2164E559-AF26-49C3-990A-126AA5353C1F}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{3087229C-12A5-431E-AEE2-2DA5C4E5E990}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\..\{70C170C4-38F4-4AB7-8FB6-613799517612}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.51 85.255.112.158
O17 - HKLM\System\CS1\Services\Tcpip\..\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}: NameServer = 85.255.114.51,85.255.112.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.51 85.255.112.158
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Megan Fox
Messages postés
410
Date d'inscription
mercredi 8 août 2007
Statut
Membre
Dernière intervention
10 juin 2011
9
25 oct. 2007 à 16:15
25 oct. 2007 à 16:15
* Télécharge FixWareout de ce site sur le bureau:
http://downloads.subratam.org/Fixwareout.exe
* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt) avec un nouveau rapport HijackThis! dans ta prochaine réponse.
Quel est ton pare-feu?
http://downloads.subratam.org/Fixwareout.exe
* Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
*Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt) avec un nouveau rapport HijackThis! dans ta prochaine réponse.
Quel est ton pare-feu?
Fixwareout.
Username "Kabendji" - 25/10/2007 16:17:12 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdctq.exe"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.114.51 85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}
"nameserver"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{2164E559-AF26-49C3-990A-126AA5353C1F}
"nameserver"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{3087229C-12A5-431E-AEE2-2DA5C4E5E990}
"nameserver"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}
"DhcpNameServer"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{2164E559-AF26-49C3-990A-126AA5353C1F}
"DhcpNameServer"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{E9657A14-C46E-4136-994A-1D10D6843493}
"DhcpNameServer"="85.255.114.51,85.255.112.158" <Value cleared.
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Other
C:\WINDOWS\Temp\kdctq.ren 72254 13/06/2007
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"SpeedTouch USB Diagnostics"="\"C:\\Program Files\\Alcatel\\SpeedTouch USB\\Dragdiag.exe\" /icon"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"HControl"="C:\\WINDOWS\\ATK0100\\HControl.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"updateMgr"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Steam"=""
....
Hosts file was reset, If you use a custom hosts file please replace it...
C:\WINDOWS\repair\autoexec.nt missing
C:\WINDOWS\repair\Config.nt missing
~~~~~ End report ~~~~~
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:58, on 25/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxcfcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HiJackThis\HijackThis.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{70C170C4-38F4-4AB7-8FB6-613799517612}: NameServer = 195.238.2.22 195.238.2.21
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Username "Kabendji" - 25/10/2007 16:17:12 [Fixwareout edited 9/01/2007]
~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdctq.exe"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.114.51 85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}
"nameserver"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{2164E559-AF26-49C3-990A-126AA5353C1F}
"nameserver"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{3087229C-12A5-431E-AEE2-2DA5C4E5E990}
"nameserver"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{193C68F1-F870-45A5-9DFD-413B0D2EEA1B}
"DhcpNameServer"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{2164E559-AF26-49C3-990A-126AA5353C1F}
"DhcpNameServer"="85.255.114.51,85.255.112.158" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{E9657A14-C46E-4136-994A-1D10D6843493}
"DhcpNameServer"="85.255.114.51,85.255.112.158" <Value cleared.
Cache de résolution DNS vidé.
System was rebooted successfully.
~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....
~~~~~ Other
C:\WINDOWS\Temp\kdctq.ren 72254 13/06/2007
~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"SpeedTouch USB Diagnostics"="\"C:\\Program Files\\Alcatel\\SpeedTouch USB\\Dragdiag.exe\" /icon"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"HControl"="C:\\WINDOWS\\ATK0100\\HControl.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"updateMgr"="C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_9"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Steam"=""
....
Hosts file was reset, If you use a custom hosts file please replace it...
C:\WINDOWS\repair\autoexec.nt missing
C:\WINDOWS\repair\Config.nt missing
~~~~~ End report ~~~~~
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:58, on 25/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxcfcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HiJackThis\HijackThis.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{70C170C4-38F4-4AB7-8FB6-613799517612}: NameServer = 195.238.2.22 195.238.2.21
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Megan Fox
Messages postés
410
Date d'inscription
mercredi 8 août 2007
Statut
Membre
Dernière intervention
10 juin 2011
9
25 oct. 2007 à 17:00
25 oct. 2007 à 17:00
Bon on a déjà bien avancé,
Le pare-feu Windows xp ne fait que la moitié du travail, si tu veux un vrai pare-feu regarde ici:
Comme pare-feu, il y a kerio ou zonealarme qui sont bien. Je te laisse voir ici section firewall.
http://www.malekal.com/menu_tutorials_logiciels.php
* Relance HijackThis.
Choisis Do a scan only
Coche la case devant la ligne suivante
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Clique sur fix checked.
Ferme Hijackthis.
---------------------------------------------------------------
On va continuer avec un scan en ligne pour voir s'il n'y a pas d'autres petits trucs qui se cache.
Scanne ensuite ton PC avec BitDefender en ligne (uniquement sous Internet Explorer).
ouvre ce lien :
www.bitdefender.com/scan8/ie.html
Utilisation :
Cliquer sur "J'accepte" puis accepter également l'ActiveX bloqué par la barre anti-popup du SP2 qui clignotera en haut et l'installer.
Ensuite, cliquer sur "Cliquez ici pour scanner".
Patienter jusqu'à la fin du scan qui peut durer assez longtemps...
Copier/coller le rapport entier sur le forum.
Tutoriel en images ici : http://pageperso.aol.fr/rginformatique/mapage/defender.htm (merci à Balltrap34 pour cette réalisation)
A+
Le pare-feu Windows xp ne fait que la moitié du travail, si tu veux un vrai pare-feu regarde ici:
Comme pare-feu, il y a kerio ou zonealarme qui sont bien. Je te laisse voir ici section firewall.
http://www.malekal.com/menu_tutorials_logiciels.php
* Relance HijackThis.
Choisis Do a scan only
Coche la case devant la ligne suivante
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Clique sur fix checked.
Ferme Hijackthis.
---------------------------------------------------------------
On va continuer avec un scan en ligne pour voir s'il n'y a pas d'autres petits trucs qui se cache.
Scanne ensuite ton PC avec BitDefender en ligne (uniquement sous Internet Explorer).
ouvre ce lien :
www.bitdefender.com/scan8/ie.html
Utilisation :
Cliquer sur "J'accepte" puis accepter également l'ActiveX bloqué par la barre anti-popup du SP2 qui clignotera en haut et l'installer.
Ensuite, cliquer sur "Cliquez ici pour scanner".
Patienter jusqu'à la fin du scan qui peut durer assez longtemps...
Copier/coller le rapport entier sur le forum.
Tutoriel en images ici : http://pageperso.aol.fr/rginformatique/mapage/defender.htm (merci à Balltrap34 pour cette réalisation)
A+
BitDefender Online Scanner
Scan report generated at: Thu, Oct 25, 2007 - 19:05:33
Scan path: C:\;D:\;
Statistics
Time
01:21:03
Files
343295
Folders
9655
Boot Sectors
3
Archives
9053
Packed Files
15624
Results
Identified Viruses
4
Infected Files
22
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
22
Engines Info
Virus Definitions
858009
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0024934.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0024934.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0024934.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026281.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026281.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026281.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027628.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027628.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027628.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP171\A0033976.exe
Infected with: Trojan.DNSCHanger.QN
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP171\A0033976.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP171\A0033976.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP82\A0017833.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP82\A0017833.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP82\A0017833.exe
Deleted
C:\WINDOWS\Temp\kdctq.ren
Infected with: Trojan.DNSCHanger.QN
C:\WINDOWS\Temp\kdctq.ren
Disinfection failed
C:\WINDOWS\Temp\kdctq.ren
Deleted
Scan report generated at: Thu, Oct 25, 2007 - 19:05:33
Scan path: C:\;D:\;
Statistics
Time
01:21:03
Files
343295
Folders
9655
Boot Sectors
3
Archives
9053
Packed Files
15624
Results
Identified Viruses
4
Infected Files
22
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
22
Engines Info
Virus Definitions
858009
Engine build
AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins
14
Archive plugins
38
Unpack plugins
7
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0024934.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0024934.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0024934.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025077.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP117\A0025103.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026281.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026281.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026281.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026424.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP118\A0026450.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027628.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027628.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027628.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027771.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP119\A0027797.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP171\A0033976.exe
Infected with: Trojan.DNSCHanger.QN
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP171\A0033976.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP171\A0033976.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Generic.59897
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)=>Setup.exe
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP76\A0016627.exe=>(CAB Sfx r)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0002
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0002
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0002
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0003
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0003
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0003
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0004
Infected with: Trojan.Spy.Agent.AR
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0004
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)=>bzip2_solid_nsis0004
Deleted
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP78\A0016742.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP82\A0017833.exe
Infected with: Trojan.Downloader.Agent.YMJ
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP82\A0017833.exe
Disinfection failed
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP82\A0017833.exe
Deleted
C:\WINDOWS\Temp\kdctq.ren
Infected with: Trojan.DNSCHanger.QN
C:\WINDOWS\Temp\kdctq.ren
Disinfection failed
C:\WINDOWS\Temp\kdctq.ren
Deleted
Megan Fox
Messages postés
410
Date d'inscription
mercredi 8 août 2007
Statut
Membre
Dernière intervention
10 juin 2011
9
25 oct. 2007 à 20:20
25 oct. 2007 à 20:20
On continue,
*Télécharge Ccleaner:
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !
->Lance CCleaner.
Suppression des fichiers temporaires
Va dans la section "Options" situé dans la marge gauche.
Décoche "Avancé"
Retourne ensuite dans la section "Nettoyeur"
Fais bien attention de cocher toutes ces cases dans la marge gauche (Internet Explorer/Windows Explorer/Système)
• Clique sur [Analyse]
• Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
• Une fois le scan terminé, clique sur [Lancer le Nettoyage]
------------------------------------------------------------
Télécharge AVG anti spyware
https://www.01net.com/telecharger/
Mets le a jour avant de lancer le scan.
Tuto :
https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/
->Lance AVG pour un scan complet "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau et [copie/colle le rapport en forum]
Bonne soirée
A+
*Télécharge Ccleaner:
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Tuto :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
Lors de l’installation, [décoche] l’option qui t’installerait la barre Yahoo !
->Lance CCleaner.
Suppression des fichiers temporaires
Va dans la section "Options" situé dans la marge gauche.
Décoche "Avancé"
Retourne ensuite dans la section "Nettoyeur"
Fais bien attention de cocher toutes ces cases dans la marge gauche (Internet Explorer/Windows Explorer/Système)
• Clique sur [Analyse]
• Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
• Une fois le scan terminé, clique sur [Lancer le Nettoyage]
------------------------------------------------------------
Télécharge AVG anti spyware
https://www.01net.com/telecharger/
Mets le a jour avant de lancer le scan.
Tuto :
https://www.malekal.com/avg-antivirus-free-antivirus-gratuit-pour-proteger-son-pc-des-virus/
->Lance AVG pour un scan complet "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau et [copie/colle le rapport en forum]
Bonne soirée
A+