Fenetres intempestives!!!
Résolu
zsimo
Messages postés
33
Date d'inscription
Statut
Membre
Dernière intervention
-
^^Marie^^ Messages postés 126523 Statut Membre -
^^Marie^^ Messages postés 126523 Statut Membre -
Bonjour,
cela fais preque une semaine que chaque fois que je me connecte sur internet je recois des fenetres intempestives me disant d'acheter des antiverus ou des antispywar tel: viruseffaceur ou diqudurprotection. j'ai aussi 3 ou 4 chevales de troie détéctés par avst à chaque demarage dans les fichiers temp de windows. j'ai essayé de faire le tour du forum pour voir si quelqu'un a pu avoir une solution à un tel probleme mais malheurement je n'ai rien trouvé.
alors j'ai fais un scan avec HijackThis et voila le resultat:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:51:28, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\avast4\aswUpdSv.exe
D:\avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\veoh tv\VeohClient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Menara\dslmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://outlook.live.com/owa/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\veoh tv\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\quick time\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "D:\veoh tv\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ADILOOK Français sur disque C.LNK = C:\COKTEL\ADI4\ADILOOK.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1A4CCE6-A386-4029-A584-52DD232C4BA9}: NameServer = 212.217.0.3 196.217.246.210
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
cela fais preque une semaine que chaque fois que je me connecte sur internet je recois des fenetres intempestives me disant d'acheter des antiverus ou des antispywar tel: viruseffaceur ou diqudurprotection. j'ai aussi 3 ou 4 chevales de troie détéctés par avst à chaque demarage dans les fichiers temp de windows. j'ai essayé de faire le tour du forum pour voir si quelqu'un a pu avoir une solution à un tel probleme mais malheurement je n'ai rien trouvé.
alors j'ai fais un scan avec HijackThis et voila le resultat:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:51:28, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\avast4\aswUpdSv.exe
D:\avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\veoh tv\VeohClient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Menara\dslmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://outlook.live.com/owa/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\veoh tv\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\quick time\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "D:\veoh tv\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ADILOOK Français sur disque C.LNK = C:\COKTEL\ADI4\ADILOOK.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1A4CCE6-A386-4029-A584-52DD232C4BA9}: NameServer = 212.217.0.3 196.217.246.210
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
A voir également:
- Fenetres intempestives!!!
- Afficher toutes les fenetres ouvertes windows - Guide
- Afficher toutes les fenetres ouvertes windows 11 - Guide
- Il semble que les fenêtres surgissantes sont bloquées, ce qui a stoppé l'exécution de ce scorm. veuillez vérifier les réglages de votre navigateur avant de recommencer. ✓ - Forum MacOS
- Comment ouvrir plusieurs fenêtres sur windows 10 - Guide
- Mon clavier n'écrit plus et ouvre des fenetres ✓ - Forum Virus
27 réponses
j'ai compté sur toi et la j'ai un probléme, une fenetre s'ouvre ou je trouve c:\windows\system32\bptupnfc.dll n'est pas une image windows valide. vérifichier grace à ladisquette d'instalation
et voila le rapport
VundoFix V6.7.7
Checking Java version...
Scan started at 00:14:23 01/01/2000
Listing files found while scanning....
C:\windows\system32\awvvv.dll
C:\WINDOWS\system32\cbxxwus.dll
C:\WINDOWS\system32\cbxywus.dll
C:\WINDOWS\system32\fcccyya.dll
C:\WINDOWS\system32\hggddda.dll
C:\WINDOWS\system32\hgggfeb.dll
C:\WINDOWS\system32\iifcbaa.dll
C:\WINDOWS\system32\jkkifgg.dll
C:\WINDOWS\system32\jkklijg.dll
C:\WINDOWS\system32\khfgddc.dll
C:\WINDOWS\system32\mljggge.dll
C:\WINDOWS\system32\mljjhii.dll
C:\WINDOWS\system32\opnlijh.dll
C:\WINDOWS\system32\qommmlm.dll
C:\windows\system32\spxzfceg.dllbox
C:\WINDOWS\system32\ssqomnl.dll
C:\WINDOWS\system32\ssqqomm.dll
C:\WINDOWS\system32\vtuuuvv.dll
C:\windows\system32\vvvwa.ini
C:\windows\system32\vvvwa.ini2
C:\WINDOWS\system32\wvusqnm.dll
C:\WINDOWS\system32\xxyyywx.dll
C:\WINDOWS\system32\yayvtut.dll
C:\WINDOWS\system32\yayvvvt.dll
Beginning removal...
Beginning removal...
Attempting to delete C:\windows\system32\awvvv.dll
C:\windows\system32\awvvv.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cbxxwus.dll
C:\WINDOWS\system32\cbxxwus.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cbxywus.dll
C:\WINDOWS\system32\cbxywus.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\fcccyya.dll
C:\WINDOWS\system32\fcccyya.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hggddda.dll
C:\WINDOWS\system32\hggddda.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hgggfeb.dll
C:\WINDOWS\system32\hgggfeb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\iifcbaa.dll
C:\WINDOWS\system32\iifcbaa.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkifgg.dll
C:\WINDOWS\system32\jkkifgg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkklijg.dll
C:\WINDOWS\system32\jkklijg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\khfgddc.dll
C:\WINDOWS\system32\khfgddc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mljggge.dll
C:\WINDOWS\system32\mljggge.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mljjhii.dll
C:\WINDOWS\system32\mljjhii.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\opnlijh.dll
C:\WINDOWS\system32\opnlijh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qommmlm.dll
C:\WINDOWS\system32\qommmlm.dll Has been deleted!
Attempting to delete C:\windows\system32\spxzfceg.dllbox
C:\windows\system32\spxzfceg.dllbox Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssqomnl.dll
C:\WINDOWS\system32\ssqomnl.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssqqomm.dll
C:\WINDOWS\system32\ssqqomm.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vtuuuvv.dll
C:\WINDOWS\system32\vtuuuvv.dll Has been deleted!
Attempting to delete C:\windows\system32\vvvwa.ini
C:\windows\system32\vvvwa.ini Has been deleted!
Attempting to delete C:\windows\system32\vvvwa.ini2
C:\windows\system32\vvvwa.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\wvusqnm.dll
C:\WINDOWS\system32\wvusqnm.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\xxyyywx.dll
C:\WINDOWS\system32\xxyyywx.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\yayvtut.dll
C:\WINDOWS\system32\yayvtut.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\yayvvvt.dll
C:\WINDOWS\system32\yayvvvt.dll Has been deleted!
Performing Repairs to the registry.
Done!
et voila le rapport
VundoFix V6.7.7
Checking Java version...
Scan started at 00:14:23 01/01/2000
Listing files found while scanning....
C:\windows\system32\awvvv.dll
C:\WINDOWS\system32\cbxxwus.dll
C:\WINDOWS\system32\cbxywus.dll
C:\WINDOWS\system32\fcccyya.dll
C:\WINDOWS\system32\hggddda.dll
C:\WINDOWS\system32\hgggfeb.dll
C:\WINDOWS\system32\iifcbaa.dll
C:\WINDOWS\system32\jkkifgg.dll
C:\WINDOWS\system32\jkklijg.dll
C:\WINDOWS\system32\khfgddc.dll
C:\WINDOWS\system32\mljggge.dll
C:\WINDOWS\system32\mljjhii.dll
C:\WINDOWS\system32\opnlijh.dll
C:\WINDOWS\system32\qommmlm.dll
C:\windows\system32\spxzfceg.dllbox
C:\WINDOWS\system32\ssqomnl.dll
C:\WINDOWS\system32\ssqqomm.dll
C:\WINDOWS\system32\vtuuuvv.dll
C:\windows\system32\vvvwa.ini
C:\windows\system32\vvvwa.ini2
C:\WINDOWS\system32\wvusqnm.dll
C:\WINDOWS\system32\xxyyywx.dll
C:\WINDOWS\system32\yayvtut.dll
C:\WINDOWS\system32\yayvvvt.dll
Beginning removal...
Beginning removal...
Attempting to delete C:\windows\system32\awvvv.dll
C:\windows\system32\awvvv.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cbxxwus.dll
C:\WINDOWS\system32\cbxxwus.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\cbxywus.dll
C:\WINDOWS\system32\cbxywus.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\fcccyya.dll
C:\WINDOWS\system32\fcccyya.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hggddda.dll
C:\WINDOWS\system32\hggddda.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hgggfeb.dll
C:\WINDOWS\system32\hgggfeb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\iifcbaa.dll
C:\WINDOWS\system32\iifcbaa.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkkifgg.dll
C:\WINDOWS\system32\jkkifgg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jkklijg.dll
C:\WINDOWS\system32\jkklijg.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\khfgddc.dll
C:\WINDOWS\system32\khfgddc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mljggge.dll
C:\WINDOWS\system32\mljggge.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\mljjhii.dll
C:\WINDOWS\system32\mljjhii.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\opnlijh.dll
C:\WINDOWS\system32\opnlijh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\qommmlm.dll
C:\WINDOWS\system32\qommmlm.dll Has been deleted!
Attempting to delete C:\windows\system32\spxzfceg.dllbox
C:\windows\system32\spxzfceg.dllbox Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssqomnl.dll
C:\WINDOWS\system32\ssqomnl.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssqqomm.dll
C:\WINDOWS\system32\ssqqomm.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vtuuuvv.dll
C:\WINDOWS\system32\vtuuuvv.dll Has been deleted!
Attempting to delete C:\windows\system32\vvvwa.ini
C:\windows\system32\vvvwa.ini Has been deleted!
Attempting to delete C:\windows\system32\vvvwa.ini2
C:\windows\system32\vvvwa.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\wvusqnm.dll
C:\WINDOWS\system32\wvusqnm.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\xxyyywx.dll
C:\WINDOWS\system32\xxyyywx.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\yayvtut.dll
C:\WINDOWS\system32\yayvtut.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\yayvvvt.dll
C:\WINDOWS\system32\yayvvvt.dll Has been deleted!
Performing Repairs to the registry.
Done!
et voila l'autre rapport :
[01/01/2000, 1:27:51] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Winxp\Bureau\VirtumundoBeGone.exe" )
[01/01/2000, 1:28:07] - Detected System Information:
[01/01/2000, 1:28:07] - Windows Version: 5.1.2600, Service Pack 2
[01/01/2000, 1:28:07] - Current Username: Winxp (Admin)
[01/01/2000, 1:28:07] - Windows is in NORMAL mode.
[01/01/2000, 1:28:07] - Searching for Browser Helper Objects:
[01/01/2000, 1:28:07] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[01/01/2000, 1:28:07] - BHO 2: {0A87E45F-537A-40B4-B812-E2544C21A09F} (SpywareBlock Class)
[01/01/2000, 1:28:07] - BHO 3: {24C61C09-62C0-42ED-B640-53F7FEC9098A} ()
[01/01/2000, 1:28:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:07] - Checking for HKLM\...\Winlogon\Notify\wvusqnm
[01/01/2000, 1:28:07] - Key not found: HKLM\...\Winlogon\Notify\wvusqnm, continuing.
[01/01/2000, 1:28:07] - BHO 4: {40868A62-EBC6-406C-BEC6-56970D76498A} ()
[01/01/2000, 1:28:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:07] - Checking for HKLM\...\Winlogon\Notify\pmkhh
[01/01/2000, 1:28:07] - Key not found: HKLM\...\Winlogon\Notify\pmkhh, continuing.
[01/01/2000, 1:28:07] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[01/01/2000, 1:28:07] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[01/01/2000, 1:28:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:08] - No filename found. Continuing.
[01/01/2000, 1:28:08] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[01/01/2000, 1:28:08] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[01/01/2000, 1:28:08] - BHO 9: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[01/01/2000, 1:28:08] - BHO 10: {D0F58369-B583-44E2-AE88-ED346994E177} ()
[01/01/2000, 1:28:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:08] - Checking for HKLM\...\Winlogon\Notify\awvvv
[01/01/2000, 1:28:08] - Key not found: HKLM\...\Winlogon\Notify\awvvv, continuing.
[01/01/2000, 1:28:08] - Finished Searching Browser Helper Objects
[01/01/2000, 1:28:08] - Finishing up...
[01/01/2000, 1:28:08] - Nothing found! Exiting...
[01/01/2000, 1:27:51] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Winxp\Bureau\VirtumundoBeGone.exe" )
[01/01/2000, 1:28:07] - Detected System Information:
[01/01/2000, 1:28:07] - Windows Version: 5.1.2600, Service Pack 2
[01/01/2000, 1:28:07] - Current Username: Winxp (Admin)
[01/01/2000, 1:28:07] - Windows is in NORMAL mode.
[01/01/2000, 1:28:07] - Searching for Browser Helper Objects:
[01/01/2000, 1:28:07] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[01/01/2000, 1:28:07] - BHO 2: {0A87E45F-537A-40B4-B812-E2544C21A09F} (SpywareBlock Class)
[01/01/2000, 1:28:07] - BHO 3: {24C61C09-62C0-42ED-B640-53F7FEC9098A} ()
[01/01/2000, 1:28:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:07] - Checking for HKLM\...\Winlogon\Notify\wvusqnm
[01/01/2000, 1:28:07] - Key not found: HKLM\...\Winlogon\Notify\wvusqnm, continuing.
[01/01/2000, 1:28:07] - BHO 4: {40868A62-EBC6-406C-BEC6-56970D76498A} ()
[01/01/2000, 1:28:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:07] - Checking for HKLM\...\Winlogon\Notify\pmkhh
[01/01/2000, 1:28:07] - Key not found: HKLM\...\Winlogon\Notify\pmkhh, continuing.
[01/01/2000, 1:28:07] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[01/01/2000, 1:28:07] - BHO 6: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[01/01/2000, 1:28:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:08] - No filename found. Continuing.
[01/01/2000, 1:28:08] - BHO 7: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[01/01/2000, 1:28:08] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[01/01/2000, 1:28:08] - BHO 9: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[01/01/2000, 1:28:08] - BHO 10: {D0F58369-B583-44E2-AE88-ED346994E177} ()
[01/01/2000, 1:28:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/01/2000, 1:28:08] - Checking for HKLM\...\Winlogon\Notify\awvvv
[01/01/2000, 1:28:08] - Key not found: HKLM\...\Winlogon\Notify\awvvv, continuing.
[01/01/2000, 1:28:08] - Finished Searching Browser Helper Objects
[01/01/2000, 1:28:08] - Finishing up...
[01/01/2000, 1:28:08] - Nothing found! Exiting...
et enfin celui de hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:30:05, on 01/01/2000
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
D:\avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
D:\avast4\ashMaiSv.exe
D:\avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\veoh tv\VeohClient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Menara\dslmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://outlook.live.com/owa/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\veoh tv\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\quick time\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "D:\veoh tv\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ADILOOK Français sur disque C.LNK = C:\COKTEL\ADI4\ADILOOK.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1A4CCE6-A386-4029-A584-52DD232C4BA9}: NameServer = 212.217.0.3 196.217.246.210
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:30:05, on 01/01/2000
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
D:\avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
D:\avast4\ashMaiSv.exe
D:\avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\veoh tv\VeohClient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Menara\dslmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://outlook.live.com/owa/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\veoh tv\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\quick time\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "D:\veoh tv\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ADILOOK Français sur disque C.LNK = C:\COKTEL\ADI4\ADILOOK.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1A4CCE6-A386-4029-A584-52DD232C4BA9}: NameServer = 212.217.0.3 196.217.246.210
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Arrfff -- il ne sort pas
Fais ce qui suit
stp
RENOMMER HT
Fais un clic droit sur hijackthis, choisis "renommer" marque : PROUT.exe
Puis remet un rapport stp
Pourquoi renommer HT
Parce que qu'il semble que les infections Vundo aient la particularité de se "cacher" à la détection de HJT proprement dite ou à son analyse : la modification du nom de l'exe pallie ce problème...
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Fais ce qui suit
stp
RENOMMER HT
Fais un clic droit sur hijackthis, choisis "renommer" marque : PROUT.exe
Puis remet un rapport stp
Pourquoi renommer HT
Parce que qu'il semble que les infections Vundo aient la particularité de se "cacher" à la détection de HJT proprement dite ou à son analyse : la modification du nom de l'exe pallie ce problème...
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
re, je m'excuse pour l'absence j'avias un empechement, mais grace à dieu plus de problemes, tout ca grace à antivir que je garde avec avast. je tiens à te remercier marie pour tes efforts et pour toutes personne qui m'a aidé à trouver la solusion.