Comment désinfecter mon pc sous vista
lavandeviolette
Messages postés
17
Statut
Membre
-
chouk -
chouk -
Bonjour,
comment me débarrasser de cete adresse svp
http://detoxitnow.com/?a=gambitlive
je voudrais savoir comment désinfecter mon pc, svp, merci
je suis sous vista
je vous envoie le rapport hijackhis
merci pour votre aide
cordialement
StartupList report, 04/03/2008, 08:47:53
StartupList version: 1.52.2
Started from : C:\Users\MFRANC~1.GON\AppData\Local\Temp\Rar$EX00.417\HijackThis.EXE
Detected: Unknown Windows (WinNT 6.00.1904)
Detected: Internet Explorer v7.00 (7.00.6000.16609)
* Using default options
==================================================
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ESET\nod32kui.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Windows\System32\rundll32.exe
C:\Users\MFRANC~1.GON\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\MFRANC~1.GON\AppData\Local\Temp\Rar$EX00.417\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\notepad.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
nod32kui = "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
WPCUMI = C:\Windows\system32\WpcUmi.exe
Windows Defender = %ProgramFiles%\Windows Defender\MSASCui.exe -hide
WarReg_PopUp = C:\Acer\WR_PopUp\WarReg_PopUp.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
RtHDVCpl = RtHDVCpl.exe
NvSvc = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvMediaCenter = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
NvCplDaemon = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
ISUSScheduler = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
ISUSPM Startup = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
eDataSecurity Loader = C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
MediaBarFileManager = C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
LManager = C:\PROGRA~1\LAUNCH~1\LManager.exe
Acer Tour Reminder = C:\Acer\AcerTour\Reminder.exe
BM299b28c0 = Rundll32.exe "C:\Windows\system32\hpysabig.dll",s
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Gadwin PrintScreen = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
ISUSPM Startup = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe
Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
msnmsgr = "c:\program files\windows live\messenger\msnmsgr.exe" /background
IncrediMail = C:\Program Files\IncrediMail\bin\IncMail.exe /c
ehTray.exe = C:\Windows\ehome\ehTray.exe
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
Windows Mail = C:\Program Files\Windows Mail\WinMail.exe
Internet Explorer = C:\Program Files\Internet Explorer\iexplore.exe
Acer Tour Reminder =
--------------------------------------------------
Load/Run keys from C:\Windows\WIN.INI:
load=*INI section not found*
run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=eNetHook.dll
--------------------------------------------------
Shell & screensaver key from C:\Windows\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=explorer.exe
SCRNSAVE.EXE=C:\Windows\system32\logon.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Task Scheduler jobs:
Maintenance en 1 clic.job
Vérifier les mises à jour de Windows Live Toolbar.job
--------------------------------------------------
Enumerating Download Program Files:
[F-Secure Online Scanner 3.1]
InProcServer32 = C:\Windows\Downloaded Program Files\fscax.dll
CODEBASE = https://www.f-secure.com/en/home/support
[Checkers Class]
InProcServer32 = C:\Windows\Downloaded Program Files\msgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
[YInstStarter Class]
InProcServer32 = C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll
[UnoCtrl Class]
InProcServer32 = C:\Windows\Downloaded Program Files\GAME_UNO1.dll
CODEBASE = http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
[Windows Live Photo Upload Control]
InProcServer32 = C:\Windows\Downloaded Program Files\MsnPUpld.dll
CODEBASE = http://lavandeviolette.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
[Java Plug-in 1.6.0_03]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
[PhotoPickConvert Class]
InProcServer32 = C:\Windows\Downloaded Program Files\PhtPkMSN.dll
CODEBASE = http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
[{BFB5F154-9212-46F3-B547-AC6106030A54}]
CODEBASE = https://carrefourinternet.com/index.asp
[MessengerStatsClient Class]
InProcServer32 = C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
[IPSUploader Control]
CODEBASE = http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #4: C:\Windows\system32\napinsp.dll
NameSpace #5: C:\Windows\system32\pnrpnsp.dll
NameSpace #6: C:\Windows\system32\pnrpnsp.dll
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Users\mfrance.gonzalez\Local Settings\Temporary Internet Files\Content.IE5\index.dat||C:\Users\MFRANC~1.GON\AppData\Local\Temp\GLB1A2B.EXE||C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll||C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll|||m
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: C:\Windows\system32\webcheck.dll
--------------------------------------------------
End of report, 9 337 bytes
Report generated in 0,031 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
comment me débarrasser de cete adresse svp
http://detoxitnow.com/?a=gambitlive
je voudrais savoir comment désinfecter mon pc, svp, merci
je suis sous vista
je vous envoie le rapport hijackhis
merci pour votre aide
cordialement
StartupList report, 04/03/2008, 08:47:53
StartupList version: 1.52.2
Started from : C:\Users\MFRANC~1.GON\AppData\Local\Temp\Rar$EX00.417\HijackThis.EXE
Detected: Unknown Windows (WinNT 6.00.1904)
Detected: Internet Explorer v7.00 (7.00.6000.16609)
* Using default options
==================================================
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ESET\nod32kui.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Windows\System32\rundll32.exe
C:\Users\MFRANC~1.GON\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\MFRANC~1.GON\AppData\Local\Temp\Rar$EX00.417\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\notepad.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
nod32kui = "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
WPCUMI = C:\Windows\system32\WpcUmi.exe
Windows Defender = %ProgramFiles%\Windows Defender\MSASCui.exe -hide
WarReg_PopUp = C:\Acer\WR_PopUp\WarReg_PopUp.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
RtHDVCpl = RtHDVCpl.exe
NvSvc = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvMediaCenter = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
NvCplDaemon = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
ISUSScheduler = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
ISUSPM Startup = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
eDataSecurity Loader = C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
MediaBarFileManager = C:\Program Files\On Demand Distribution\OD2 Music Manager\OD2MediaBar_VistaFileManager.exe
LManager = C:\PROGRA~1\LAUNCH~1\LManager.exe
Acer Tour Reminder = C:\Acer\AcerTour\Reminder.exe
BM299b28c0 = Rundll32.exe "C:\Windows\system32\hpysabig.dll",s
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Gadwin PrintScreen = C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
ISUSPM Startup = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
WMPNSCFG = C:\Program Files\Windows Media Player\WMPNSCFG.exe
Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
msnmsgr = "c:\program files\windows live\messenger\msnmsgr.exe" /background
IncrediMail = C:\Program Files\IncrediMail\bin\IncMail.exe /c
ehTray.exe = C:\Windows\ehome\ehTray.exe
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
Windows Mail = C:\Program Files\Windows Mail\WinMail.exe
Internet Explorer = C:\Program Files\Internet Explorer\iexplore.exe
Acer Tour Reminder =
--------------------------------------------------
Load/Run keys from C:\Windows\WIN.INI:
load=*INI section not found*
run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=eNetHook.dll
--------------------------------------------------
Shell & screensaver key from C:\Windows\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=explorer.exe
SCRNSAVE.EXE=C:\Windows\system32\logon.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Task Scheduler jobs:
Maintenance en 1 clic.job
Vérifier les mises à jour de Windows Live Toolbar.job
--------------------------------------------------
Enumerating Download Program Files:
[F-Secure Online Scanner 3.1]
InProcServer32 = C:\Windows\Downloaded Program Files\fscax.dll
CODEBASE = https://www.f-secure.com/en/home/support
[Checkers Class]
InProcServer32 = C:\Windows\Downloaded Program Files\msgrchkr.dll
CODEBASE = http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
[YInstStarter Class]
InProcServer32 = C:\PROGRA~1\Yahoo!\Common\yinsthelper.dll
CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll
[UnoCtrl Class]
InProcServer32 = C:\Windows\Downloaded Program Files\GAME_UNO1.dll
CODEBASE = http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
[Windows Live Photo Upload Control]
InProcServer32 = C:\Windows\Downloaded Program Files\MsnPUpld.dll
CODEBASE = http://lavandeviolette.spaces.live.com/PhotoUpload/VistaMsnPUpldfr-fr.cab
[Java Plug-in 1.6.0_03]
InProcServer32 = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
CODEBASE = http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
[PhotoPickConvert Class]
InProcServer32 = C:\Windows\Downloaded Program Files\PhtPkMSN.dll
CODEBASE = http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
[{BFB5F154-9212-46F3-B547-AC6106030A54}]
CODEBASE = https://carrefourinternet.com/index.asp
[MessengerStatsClient Class]
InProcServer32 = C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
[IPSUploader Control]
CODEBASE = http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #4: C:\Windows\system32\napinsp.dll
NameSpace #5: C:\Windows\system32\pnrpnsp.dll
NameSpace #6: C:\Windows\system32\pnrpnsp.dll
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Users\mfrance.gonzalez\Local Settings\Temporary Internet Files\Content.IE5\index.dat||C:\Users\MFRANC~1.GON\AppData\Local\Temp\GLB1A2B.EXE||C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll||C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll|||m
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: C:\Windows\system32\webcheck.dll
--------------------------------------------------
End of report, 9 337 bytes
Report generated in 0,031 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
A voir également:
- Comment désinfecter mon pc sous vista
- Comment réinitialiser un pc - Guide
- Mon pc est lent - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Plus de son sur mon pc - Guide
- Double ecran pc - Guide
2 réponses
salut tu peux essayer avec Spybot S&D si s'est un malware il le trouvera. Après essai avec différent type d'antivirus (http://www.secuser.com/telechargement/index.htm ).
