Sujet Précédent Sujet Suivant

Virus sur win 32

Résolu/Fermé
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008 - 4 avril 2008 à 20:29
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 - 5 avril 2008 à 16:37
Bonjour,
j'ai chopé un virus qui empeche toute installation de programme et qui a viré mon antivirus
j'ai essayé les scans en ligne mais meme ceux ci sont bloqués

quelqu'un peut il m'aider ??
merci
A voir également:

42 réponses

Précédent
Réponse 21 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 12:07
T'es sur qu'il sont complet tes rapports ???

Encore des soucis essaye un antivirus (antivir)
0
Réponse 22 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 12:23
je viens de télécharger antivir et je fais l'analyse et t'envoie le rapport
a tout à l'heure
0
Réponse 23 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 12:31
Ok

donc ta résussi a installer un antivirus ?
0
Réponse 24 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 12:55
ouais celui là tourne
j'attends la fin et je reviens avec le rapport
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 12:57
ok je pense que bagle a était détruit.
0
Réponse 26 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 13:03
le scan est en route, il a déjà trouvé deux virus dont le dernier est bagle.gen.b
je l'ai delete
ai je bien fait ou faut il le mettre en quarantaine ???

(pour info j'en suis à 90% de vérifié)
0
Réponse 27 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 13:10
T'as bien fait ;);)
0
Réponse 28 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 13:35
voici le rapport de antivir



AntiVir PersonalEdition Classic
Report file date: samedi 5 avril 2008 12:24

Scanning for 1181183 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: DE-CLERCK

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 10:23:02
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 10:23:02
ANTIVIR3.VDF : 7.0.3.121 189952 Bytes 04/04/2008 10:23:02
AVEWIN32.DLL : 7.6.0.81 3424768 Bytes 05/04/2008 10:23:03
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 05/04/2008 10:23:03
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: samedi 5 avril 2008 12:24

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CLSched.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'lanceur.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'CLMLService.exe' - '1' Module(s) have been scanned
Scan process 'CLMLServer.exe' - '1' Module(s) have been scanned
Scan process 'CLCapSvc.exe' - '1' Module(s) have been scanned
Scan process 'mpbtn.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'VeohClient.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'CFD.exe' - '1' Module(s) have been scanned
Scan process 'Corel Photo Downloader.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'qttask.exe' - '1' Module(s) have been scanned
Scan process 'RemoteControlAppl.exe' - '1' Module(s) have been scanned
Scan process 'PCMService.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'ALCWZRD.EXE' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
48 processes with 48 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '36' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\de clerck\Mes documents\drivers\jeux\HL2\Steam.dll.bak
[DETECTION] Contains detection pattern of a probably damaged sample CC/Agent.EU
[INFO] The file was deleted!
C:\Muestras\FLEC006.EXE.Muestra EliBagle v11.21
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\Program Files\Panda Security\ActiveScan 2.0\pskavs.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was deleted!
C:\Program Files\Panda Security\NanoScan\Engine\psnflg.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was deleted!
C:\Program Files\Satsuki Decoder Pack\wmv\WMVPostpross.exe
[DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP743\A0110041.exe
[DETECTION] Contains detection pattern of the dropper DR/MartShop.2
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP776\A0139009.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP777\A0139050.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP777\A0139194.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP777\A0139209.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP777\A0139223.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139329.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139382.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139387.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139551.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139553.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139592.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139614.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139615.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139617.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139623.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139624.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139626.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139631.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139632.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139633.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139635.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139636.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139638.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139640.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139646.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139743.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139745.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139746.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP779\A0139752.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP780\A0139887.dll
[DETECTION] Contains detection pattern of the Windows virus W95/Blumblebee.1738
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP780\A0139888.dll
[DETECTION] Is the Trojan horse TR/Agent.bux.1
[INFO] The file was deleted!
C:\System Volume Information\_restore{DCE914EB-FDF3-4F50-80C4-34B2125F4B59}\RP780\A0139889.exe
[DETECTION] Is the Trojan horse TR/Crypt.CFI.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!


End of the scan: samedi 5 avril 2008 13:32
Used time: 1:08:34 min

The scan has been done completely.

6520 Scanning directories
336307 Files were scanned
38 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
38 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
336269 Files not concerned
1920 Archives were scanned
3 Warnings
58 Notes

ainsi que le non des virus trouvés
No. Name Type Danger Added on
1. TR/Agent.249856.B Trojan 01 Apr 2008
2. SPR/AutoIt.Gen Security Privacy Risk 28 Mar 2008
3. TR/BHO.Gen Trojan 28 Mar 2008
4. TR/Dldr.Small.hzj Trojan 28 Mar 2008
5. JS/Dldr.Remora.WB Malware 28 Mar 2008
6. JS/Dldr.Remora.WA Malware 28 Mar 2008
7. Hamburger Sparkasse 1 Phishing 25 Mar 2008
8. Worm/Agent.ax Worm 19 Mar 2008
9. EXP/Office.Dropper.Gen Exploit 19 Mar 2008
10. EXP/Excel.CVE-2008-0081 Exploit 19 Mar 2008
11. TR/Killav.OE Trojan 18 Mar 2008
12. TR/Dldr.Delf.OKR Trojan 14 Mar 2008
13. DR/Delf.HME Dropper 14 Mar 2008
14. TR/Spy.Delf.BEW Trojan 14 Mar 2008
15. Worm/Hakaglan.B Worm 14 Mar 2008
16. TR/Dldr.Delphi.Gen Trojan 14 Mar 2008
17. Halifax 24 Phishing 08 Mar 2008
18. TR/Spy.ZBot.nm Trojan 04 Mar 2008
19. GAME/Dldr.Fenomen.Gen Malware 03 Mar 2008
20. TR/Crypt.TPM.Gen Trojan 03 Mar 2008
21. DR/Agent.HA Dropper 03 Mar 2008
22. Ebay 90 Phishing 02 Mar 2008
23. BDS/TOn.A Backdoor Server 29 Feb 2008
24. TR/Click.HTML.IFrame.FP Trojan 26 Feb 2008
25. DR/OneStep.A Dropper 25 Feb 2008
26. SPR/Serv-U.Gen Security Privacy Risk 15 Feb 2008
27. APPL/Serv-U.Gen Malware 15 Feb 2008
28. TR/Agent.90112.G Trojan 12 Feb 2008
29. Chase Bank 64 Phishing 05 Feb 2008
30. Chase Bank 63 Phishing 05 Feb 2008
31. TR/Dldr.Zlob.KA Trojan 05 Feb 2008
32. TR/Vundo.DWK Trojan 31 Jan 2008
33. TR/VB.AQT Trojan 29 Jan 2008
34. TR/Dldr.Small.JS.1 Trojan 29 Jan 2008
35. DR/QuickBatch.Gen Dropper 25 Jan 2008
36. TR/Crypt.MWPM.Gen Trojan 25 Jan 2008
37. Commerce Bank 1 Phishing 24 Jan 2008
38. TR/Dldr.Zlob.AATN Trojan 24 Jan 2008
39. TR/Agent.TT Trojan 24 Jan 2008
40. The Royal Bank of Scotland 2 Phishing 09 Jan 2008
0
Réponse 29 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 13:58
Télécharge sur le bureau hijackthis


Fait un clic droit sur l'icone hijackthis.


/!\Renome hijackthis en skim.exe ( a le place de hijacktihs.exe) c'est important!!/!\

*Après avoir fais ca double-clic dessus.

*Clic sur Do a system scan and save the log

*A la fin de l'analyse un rapport va etre générer colle le ici.

Une démo d'hijackthis
0
Réponse 30 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 14:05
le voici (c'est rapide)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:05:20, on 05/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\winmine.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll (file missing)
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O3 - Toolbar: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [One readme] C:\DOCUME~1\DECLER~1\APPLIC~1\HOLEPH~1\JUNKTONSDASH.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll,,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
0
Réponse 31 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 14:11
dou-l,

je dois aller faire une course je suis de retour dans 1 heure

a tout
0
Réponse 32 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 14:12
Mets a jour JAVA : https://www.malekal.com/maintenir-java-adobe-reader-et-le-player-flash-a-jour/

Mets a jout IE: https://support.microsoft.com/fr-fr/allproducts



Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

O4 - HKCU\..\Run: [One readme] C:\DOCUME~1\DECLER~1\APPLIC~1\HOLEPH~1\JUNKTONSDASH.exe
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll (file missing)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h30155.www3.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab


Installe un pare feu : zone alarm https://www.malekal.com/tutoriel-zonealarm-firewall/

Reposte un hijackthis et dit tes soucis .
0
Réponse 33 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 16:08
re salut,

tu trouveras ci-dessous le rapport demandé
pour me connecter sur internet, j'ai du arreter zonealarm. est ce normal ?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:04:39, on 05/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O3 - Toolbar: torrent_search toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtorr.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.google.fr/?gws_rd=ssl
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - https://sdlc-esd.oracle.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?GroupName=JSC&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&BHost=javadl.sun.com&File=jinstall-6u5-windows-i586-jc.cab&AuthParam=1580944752_ad714b48b0d186f5adbe4ba05260ecbd&ext=.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll,,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 34 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 16:12
Tu as autorisé l'acces a internet pour zone alarm t'avais un tuto !

Fais analyser ce fichier sur visrus total et colle le rapportr.

C:\WINDOWS\system32\PnkBstrB.exe

https://www.virustotal.com/gui/
0
Réponse 35 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 16:15
désolé mais c'est quoi un tuto ?
0
Réponse 36 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 16:17
un tutoriel pour t'aider : https://www.malekal.com/tutoriel-zonealarm-firewall/
0
Réponse 37 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 16:18
c'est çà que tu veux ?

Fichier PnkBstrB.exe reçu le 2008.04.03 00:17:33 (CET)
Situation actuelle: terminé

Résultat: 0/32 (0.00%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.1.2 2008.04.02 -
AntiVir 7.6.0.80 2008.04.02 -
Authentium 4.93.8 2008.04.02 -
Avast 4.7.1098.0 2008.04.02 -
AVG 7.5.0.516 2008.04.02 -
BitDefender 7.2 2008.04.03 -
CAT-QuickHeal 9.50 2008.04.02 -
ClamAV 0.92.1 2008.04.02 -
DrWeb 4.44.0.09170 2008.04.02 -
eSafe 7.0.15.0 2008.04.01 -
eTrust-Vet 31.3.5666 2008.04.02 -
Ewido 4.0 2008.04.02 -
F-Prot 4.4.2.54 2008.04.02 -
F-Secure 6.70.13260.0 2008.04.02 -
FileAdvisor 1 2008.04.03 -
Fortinet 3.14.0.0 2008.04.02 -
Ikarus T3.1.1.20 2008.04.02 -
Kaspersky 7.0.0.125 2008.04.03 -
McAfee 5265 2008.04.02 -
Microsoft 1.3301 2008.04.01 -
NOD32v2 2995 2008.04.02 -
Norman 5.80.02 2008.04.02 -
Panda 9.0.0.4 2008.04.02 -
Prevx1 V2 2008.04.03 -
Rising 20.38.22.00 2008.04.02 -
Sophos 4.28.0 2008.04.02 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.04.03 -
TheHacker 6.2.92.262 2008.04.02 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.04.02 -
Webwasher-Gateway 6.6.2 2008.04.02 -
Information additionnelle
File size: 103736 bytes
MD5: 1428e6cc1458a36cbfc1f2e304c7c42d
SHA1: 93a5faaf2dafa3d03e80c54cf72891f30e89a997
PEiD: -
0
Réponse 38 / 42
dou-l Messages postés 2860 Date d'inscription vendredi 29 février 2008 Statut Membre Dernière intervention 29 décembre 2012 61
5 avril 2008 à 16:26
Oui c'est ca encore des problemes?. A l'avenir ne télécharge plus des crack !

COCHE RESOLUE STP C'EST IMPORTANT.
0
Réponse 39 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 16:32
ca y est c'est réglé ????
0
Réponse 40 / 42
olivier75016 Messages postés 29 Date d'inscription samedi 29 mars 2008 Statut Membre Dernière intervention 5 avril 2008
5 avril 2008 à 16:33
genial çà marche

UN GRAND MERCI POUR TON AIDE
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Voxbone ? qui est-ce ?
fanfan54 -
djakool4 -

158 réponses
svp 32Gb est il egal a 32Go??
William Fernand -
nemrod18 -

3 réponses