Voila mon hijackthis qui peut m' aider merci
Résolu/Fermé
eric
-
6 nov. 2007 à 16:14
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 17 nov. 2007 à 11:05
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 17 nov. 2007 à 11:05
A voir également:
- Voila mon hijackthis qui peut m' aider merci
- Hijackthis windows 10 - Télécharger - Antivirus & Antimalwares
- Des problèmes sont survenus lors de l'installation des mises à jour, mais nous réessaierons ultérieurement. si le problème persiste et que vous souhaitez rechercher des informations sur internet ou contacter l'assistance pour en obtenir, ceci peut vous aider : (0x80070643) ✓ - Forum Windows 10
- Erreur 0x80070643 ✓ - Forum Windows
- Le serveur ne peut pas traiter l’image. cela peut se produire si le serveur est occupé ou ne dispose pas de suffisamment de ressources pour terminer la tâche. téléverser une image plus petite peut aider. la taille maximale suggérée est de 2560 pixels. ✓ - Forum Wordpress
- En préparant son diaporama, tom a pris quelques notes qui l'aideront lors de sa présentation. quand il présentera l'âne, il a prévu de raconter une anecdote sur cet animal. comment s'appelle l'âne de son histoire ? - Forum Powerpoint
200 réponses
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 00:17
16 nov. 2007 à 00:17
bon tres bien
tu peux commencer a supprimer/desinstaller les outils que nous avons utilisés
comment ce comporte ton pc?
je reviendrais que demain, je vais rejoindre morphée
bonne nuit
@+
tu peux commencer a supprimer/desinstaller les outils que nous avons utilisés
comment ce comporte ton pc?
je reviendrais que demain, je vais rejoindre morphée
bonne nuit
@+
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 00:22
16 nov. 2007 à 00:22
Ok g!rly je vais supprimer tout !!!!
mon pc rien de special !!!
par contre antivir a nouveau detecte des virus !!! je les ai mis en quarantaine
bonne nuit et encore merci
a demain
tchao
mon pc rien de special !!!
par contre antivir a nouveau detecte des virus !!! je les ai mis en quarantaine
bonne nuit et encore merci
a demain
tchao
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 09:37
16 nov. 2007 à 09:37
Bjr g!rly, au demarage de mon pc ce matin, le gestionnaire internet ne s' est plus mis en route automatiquement !! il y avait un mess d' erreur me disant qu 'il ne pouvait pas s' ouvrir, c normal !!! Sino j' ai commencé a desinstal tout les progr que tu m' avais fait instal, mis a part quelques un !!! par contre mon pc est tjr aussi long a demarrer, c normal !!!
je vais m' absenter quelques heures alors si je dois executer quelque chose met moi un post, je te dis a plus tard !!
merci a toi
je vais m' absenter quelques heures alors si je dois executer quelque chose met moi un post, je te dis a plus tard !!
merci a toi
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 09:58
16 nov. 2007 à 09:58
salut eric,
qu´appel tu le gestionnaiire internet?
quelles sont les virus detectés hier soir par antivir? si tu pouvais me donner le nom des fichiers et le chemins, tu les verras dans les evenement d´antivir.
@+
qu´appel tu le gestionnaiire internet?
quelles sont les virus detectés hier soir par antivir? si tu pouvais me donner le nom des fichiers et le chemins, tu les verras dans les evenement d´antivir.
@+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 11:20
16 nov. 2007 à 11:20
Bjr g!rly, avant lors du demarrage de mon pc le navigateur internet s' ouvrait en meme temps !! mais c pas grave je le lance par la suite !!! par contre antivir est en anglais c normal !!! il detecte encore des virus et me demande si je veux les mettre en quarantaine !!! comme je suis nul en anglais je galere un peu !!!
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 11:45
16 nov. 2007 à 11:45
oui antivir est en anglais
regarde dans la quarantaine et dis moi le nom des virus ou alors tu peux les voir aussi dans l´onglet events en clickant sur l´evenement en question
je voudrait savoir aussi le chemin
exemple :
C:\Documents and Settings\xxx\Local Settings\Temp\abdvhg5y.exe.
Action performed: Delete file
regarde dans la quarantaine et dis moi le nom des virus ou alors tu peux les voir aussi dans l´onglet events en clickant sur l´evenement en question
je voudrait savoir aussi le chemin
exemple :
C:\Documents and Settings\xxx\Local Settings\Temp\abdvhg5y.exe.
Action performed: Delete file
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 12:08
16 nov. 2007 à 12:08
voila events
Exported events:
16/11/2007 11:04 [Guard] Malware found
Virus or unwanted program 'TR/BHO.RF [TR/BHO.RF]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222350.dll.
Action performed: Move file to quarantine
16/11/2007 09:23 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
16/11/2007 09:22 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
16/11/2007 01:58 [Guard] Service stopped
Service stopped.
16/11/2007 01:57 [Scheduler] Service stopped
The service was stopped.
15/11/2007 22:24 [Guard] Malware found
Virus or unwanted program 'TR/BHO.RG [TR/BHO.RG]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222349.dll.
Action performed: Move file to quarantine
15/11/2007 21:36 [Guard] Malware found
Virus or unwanted program 'TR/Dldr.ConHook.Gen [TR/Dldr.ConHook.Gen]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222348.dll.
Action performed: Move file to quarantine
15/11/2007 21:11 [Guard] Malware found
Virus or unwanted program 'TR/BHO.RG [TR/BHO.RG]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222347.dll.
Action performed: Move file to quarantine
15/11/2007 20:19 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 20:19 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 13:12 [Scheduler] Service stopped
The service was stopped.
15/11/2007 12:04 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 12:03 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 12:03 [Guard] Service stopped
Service stopped.
15/11/2007 12:03 [Scheduler] Service stopped
The service was stopped.
15/11/2007 12:01 [Scanner] Scan performed
Scan ended [The scan has been canceled!].
Number of files: 1526
Number of folders: 174
Number of malware: 0
Number of alerts: 2
15/11/2007 12:00 [Scheduler] Job started
The job "Complete System Scan"
was started successfully.
15/11/2007 11:46 [Scanner] Scan performed
Scan ended [The scan has been canceled!].
Number of files: 19
Number of folders: 0
Number of malware: 0
Number of alerts: 0
15/11/2007 11:42 [Scanner] Scan performed
Scan ended [The scan has been canceled!].
Number of files: 83
Number of folders: 1
Number of malware: 0
Number of alerts: 0
15/11/2007 11:35 [Scheduler] Job started
The job "Complete system scan"
was started successfully.
15/11/2007 11:33 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 11:32 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 11:26 [Scanner] Scan performed
Scan ended [The scan has been done completely.].
Number of files: 175478
Number of folders: 4126
Number of malware: 15
Number of alerts: 1
15/11/2007 11:21 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47a91e0c.qua"!
15/11/2007 11:21 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "479f1e12.qua"!
15/11/2007 11:20 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47b11de9.qua"!
15/11/2007 11:20 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "479f1dea.qua"!
15/11/2007 11:20 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Vundo.CA' [trojan]
Action(s) taken:
The file was moved to "47b11db8.qua"!
15/11/2007 11:19 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RD' [trojan]
Action(s) taken:
The file was moved to "47a81db5.qua"!
15/11/2007 11:19 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "47ab1d91.qua"!
15/11/2007 11:18 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RF' [trojan]
Action(s) taken:
The file was moved to "47ab1d47.qua"!
15/11/2007 11:17 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47b51d40.qua"!
15/11/2007 11:17 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "47a31d3c.qua"!
15/11/2007 11:17 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47b11d27.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Vundo.CA' [trojan]
Action(s) taken:
The file was moved to "47aa163f.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Trash.Gen' [trojan]
Action(s) taken:
The file was moved to "479f161b.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "47b5161d.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "479f1616.qua"!
15/11/2007 10:03 [Guard] Service stopped
Service stopped.
15/11/2007 10:02 [Scheduler] Service stopped
The service was stopped.
15/11/2007 09:53 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 09:52 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 09:52 [Guard] Service stopped
Service stopped.
15/11/2007 09:52 [Scheduler] Service stopped
The service was stopped.
15/11/2007 09:46 [Updater] Update performed
Update performed successfully from http://dl7.avgate.net
10 new files downloaded and installed.
15/11/2007 09:46 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 09:46 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 09:45 [Guard] Service stopped
Service stopped.
15/11/2007 09:45 [Scheduler] Service stopped
The service was stopped.
15/11/2007 09:41 [Scheduler] Job started
The job "Immediate Update"
was started successfully.
15/11/2007 09:40 [Guard] Service started
Service started.
Version of service: 7.0.0.81
Version of Engine: 7.6.0.15
Version of VDF: 7.0.0.2
15/11/2007 09:40 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
Exported events:
16/11/2007 11:04 [Guard] Malware found
Virus or unwanted program 'TR/BHO.RF [TR/BHO.RF]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222350.dll.
Action performed: Move file to quarantine
16/11/2007 09:23 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
16/11/2007 09:22 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
16/11/2007 01:58 [Guard] Service stopped
Service stopped.
16/11/2007 01:57 [Scheduler] Service stopped
The service was stopped.
15/11/2007 22:24 [Guard] Malware found
Virus or unwanted program 'TR/BHO.RG [TR/BHO.RG]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222349.dll.
Action performed: Move file to quarantine
15/11/2007 21:36 [Guard] Malware found
Virus or unwanted program 'TR/Dldr.ConHook.Gen [TR/Dldr.ConHook.Gen]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222348.dll.
Action performed: Move file to quarantine
15/11/2007 21:11 [Guard] Malware found
Virus or unwanted program 'TR/BHO.RG [TR/BHO.RG]'
detected in file 'C:\System Volume
Information\_restore{05A02B45-3142-4C97-9696-A85294FF8E99}\RP488\A0222347.dll.
Action performed: Move file to quarantine
15/11/2007 20:19 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 20:19 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 13:12 [Scheduler] Service stopped
The service was stopped.
15/11/2007 12:04 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 12:03 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 12:03 [Guard] Service stopped
Service stopped.
15/11/2007 12:03 [Scheduler] Service stopped
The service was stopped.
15/11/2007 12:01 [Scanner] Scan performed
Scan ended [The scan has been canceled!].
Number of files: 1526
Number of folders: 174
Number of malware: 0
Number of alerts: 2
15/11/2007 12:00 [Scheduler] Job started
The job "Complete System Scan"
was started successfully.
15/11/2007 11:46 [Scanner] Scan performed
Scan ended [The scan has been canceled!].
Number of files: 19
Number of folders: 0
Number of malware: 0
Number of alerts: 0
15/11/2007 11:42 [Scanner] Scan performed
Scan ended [The scan has been canceled!].
Number of files: 83
Number of folders: 1
Number of malware: 0
Number of alerts: 0
15/11/2007 11:35 [Scheduler] Job started
The job "Complete system scan"
was started successfully.
15/11/2007 11:33 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 11:32 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 11:26 [Scanner] Scan performed
Scan ended [The scan has been done completely.].
Number of files: 175478
Number of folders: 4126
Number of malware: 15
Number of alerts: 1
15/11/2007 11:21 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47a91e0c.qua"!
15/11/2007 11:21 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "479f1e12.qua"!
15/11/2007 11:20 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47b11de9.qua"!
15/11/2007 11:20 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "479f1dea.qua"!
15/11/2007 11:20 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Vundo.CA' [trojan]
Action(s) taken:
The file was moved to "47b11db8.qua"!
15/11/2007 11:19 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RD' [trojan]
Action(s) taken:
The file was moved to "47a81db5.qua"!
15/11/2007 11:19 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "47ab1d91.qua"!
15/11/2007 11:18 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RF' [trojan]
Action(s) taken:
The file was moved to "47ab1d47.qua"!
15/11/2007 11:17 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47b51d40.qua"!
15/11/2007 11:17 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "47a31d3c.qua"!
15/11/2007 11:17 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/BHO.RG' [trojan]
Action(s) taken:
The file was moved to "47b11d27.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Vundo.CA' [trojan]
Action(s) taken:
The file was moved to "47aa163f.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Trash.Gen' [trojan]
Action(s) taken:
The file was moved to "479f161b.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "47b5161d.qua"!
15/11/2007 10:47 [Scanner] Malware found
The file contains a virus or unwanted program 'TR/Dldr.ConHook.Gen' [trojan]
Action(s) taken:
The file was moved to "479f1616.qua"!
15/11/2007 10:03 [Guard] Service stopped
Service stopped.
15/11/2007 10:02 [Scheduler] Service stopped
The service was stopped.
15/11/2007 09:53 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 09:52 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 09:52 [Guard] Service stopped
Service stopped.
15/11/2007 09:52 [Scheduler] Service stopped
The service was stopped.
15/11/2007 09:46 [Updater] Update performed
Update performed successfully from http://dl7.avgate.net
10 new files downloaded and installed.
15/11/2007 09:46 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
15/11/2007 09:46 [Guard] Service started
Service started.
Version of service: 7.0.0.82
Version of Engine: 7.6.0.34
Version of VDF: 7.0.0.218
15/11/2007 09:45 [Guard] Service stopped
Service stopped.
15/11/2007 09:45 [Scheduler] Service stopped
The service was stopped.
15/11/2007 09:41 [Scheduler] Job started
The job "Immediate Update"
was started successfully.
15/11/2007 09:40 [Guard] Service started
Service started.
Version of service: 7.0.0.81
Version of Engine: 7.6.0.15
Version of VDF: 7.0.0.2
15/11/2007 09:40 [Scheduler] Service started
The service was started.
Version of service 7.0.0.62
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 12:24
16 nov. 2007 à 12:24
peux tu reposter un hijack this stp
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 12:27
16 nov. 2007 à 12:27
VOILA
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:31:48, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:31:48, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 12:33
16 nov. 2007 à 12:33
peux tu renommer hijackthis.exe en scan.exe
pour cela tu click droit sur hijackthis.exe et dans l´arborescence tu fait renommer puis tu l´appel scan.exe et tu refais un rapport et le poste
pour cela tu click droit sur hijackthis.exe et dans l´arborescence tu fait renommer puis tu l´appel scan.exe et tu refais un rapport et le poste
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 12:36
16 nov. 2007 à 12:36
VOILA
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:06, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:06, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Trust\302KS\Keyboard\KbdAp32A.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE
O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Trust\302KS\Mouse\mouse32a.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - file:///C:/Documents%20and%20Settings/Client/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v6.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Client\Bureau\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 13:02
16 nov. 2007 à 13:02
eric,
nettoie tes fichiers temporaires avec ceci : atf cleaner, regarde le tuto...
http://www.infosecu.fr/atf.html
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
tiens moi aucourrant
car la je ne voie plus trace d´infection dans les rapports...
nettoie tes fichiers temporaires avec ceci : atf cleaner, regarde le tuto...
http://www.infosecu.fr/atf.html
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
tiens moi aucourrant
car la je ne voie plus trace d´infection dans les rapports...
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 13:33
16 nov. 2007 à 13:33
voila g!rly j' ai executé tes ordres !!
pourquoi mon pc est tres lent a l' ouverture !!!
donc je peux desinstal le reste et garde uniquement kerio, antivir, et AVG anti spyware je dois le garde ou pas !!!
comment voir si j' ai encore des virus ??????
pourquoi mon pc est tres lent a l' ouverture !!!
donc je peux desinstal le reste et garde uniquement kerio, antivir, et AVG anti spyware je dois le garde ou pas !!!
comment voir si j' ai encore des virus ??????
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 13:50
16 nov. 2007 à 13:50
pour le demarrage a l´aide de hijack this coche et fix ceci :
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
rien ne sera effacé juste les entrées vont plus se lancer au demarrage ca devrait un peu alleger le demarrage
comment fixer :
Tutoriel d´utilisation (video) :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
puis nettoie ton registre avec ceci :
telecharge et instal regcleaner:
http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html
tutorial :
http://www.softastuces.com/tuto/maint/regcleaner/
oui desinstale les autres outil a part kerio antivir et avg tu peux le garder aussi
on va attendre un peu, car comme je te l´ai dis je ne voie plus de trace d´infection dans hijack this ou le dernier combo fix > fais moi savoir si tu as d´autres alertes d´antivir...
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
rien ne sera effacé juste les entrées vont plus se lancer au demarrage ca devrait un peu alleger le demarrage
comment fixer :
Tutoriel d´utilisation (video) :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
puis nettoie ton registre avec ceci :
telecharge et instal regcleaner:
http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html
tutorial :
http://www.softastuces.com/tuto/maint/regcleaner/
oui desinstale les autres outil a part kerio antivir et avg tu peux le garder aussi
on va attendre un peu, car comme je te l´ai dis je ne voie plus de trace d´infection dans hijack this ou le dernier combo fix > fais moi savoir si tu as d´autres alertes d´antivir...
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 14:44
16 nov. 2007 à 14:44
voila g!rly j' ai fais le nettoyage de registre avec regcleaner je dois rien faire de plus car je l' ai laisse ouvert !!!
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 15:10
16 nov. 2007 à 15:10
pour le moment non...
tiens moi au courrant
@+
tiens moi au courrant
@+
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
16 nov. 2007 à 15:14
16 nov. 2007 à 15:14
Ok et encore un grand merci a toi, t' es vraiment sympa !!!!
Bonne continuation et je te tiendrai au courant sans probleme ...
tchao
Bonne continuation et je te tiendrai au courant sans probleme ...
tchao
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
16 nov. 2007 à 15:30
16 nov. 2007 à 15:30
de rien ;-)
a bientot
a bientot
ericdu57
Messages postés
181
Date d'inscription
mercredi 7 novembre 2007
Statut
Membre
Dernière intervention
22 mars 2008
17 nov. 2007 à 10:55
17 nov. 2007 à 10:55
Coucou g!rly, alors je voulais juste te dire que je n' ai plus de message d' erreur au demarrage !!!
Et que la derniere analyse de mon pc par antivir n' a rien detecté !!!
Plus de virus a l' horizon ...
Encore merci a toi
Et a+ si necessaire
Tchao
Et que la derniere analyse de mon pc par antivir n' a rien detecté !!!
Plus de virus a l' horizon ...
Encore merci a toi
Et a+ si necessaire
Tchao
g!rly
Messages postés
18209
Date d'inscription
vendredi 17 août 2007
Statut
Contributeur
Dernière intervention
30 novembre 2014
406
17 nov. 2007 à 11:05
17 nov. 2007 à 11:05
salut eric,
et bien je suis bien contente de l´apprendre :D
j´ai eu une petite crainte en te voyant poster...
c´est gentil de me tenir au courrant ,-)
passe un bon week end!
@+ si nessaire comme tu dis.
c!@0`
et bien je suis bien contente de l´apprendre :D
j´ai eu une petite crainte en te voyant poster...
c´est gentil de me tenir au courrant ,-)
passe un bon week end!
@+ si nessaire comme tu dis.
c!@0`
