Need a complete PC cleanup
patxiro
Hello,
I need your help to cure a heavily virus-infected machine...
I just installed AVG and ran a scan:
infection found: 580
infected objects removed or healed: 580
Not removed or healed: 0
spyware found:20
spyware removed: 18
Not removed: 2
warning count: 180
I have alert messages popping up ... I can't copy and paste them for you...
Apparently the operating system is affected, the machine is running slowly....
I'm waiting for your replies....
Thaaaaaaaaaanks
6 replies
Good evening,
The best thing, of course, is to format...
Take your XP CD, boot from it, and there you go, you format!
to protect your computer for free
https://www.commentcamarche.net/telecharger/ 4 securite
install an antivirus
AVAST in French or ANTIVIR (in English but very effective)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (thanks Malekal)
-------------
anti-spyware tools:
MalwareByte's Anti-Malware + SPYBOT +/- if Spybot's TeaTimer is not enabled:
WINDOWS DEFENDER or SPYWARE TERMINATOR
+
SPYWAREBLASTER to immunize the system against Vundo in particular, but it is in English (though easy to use: just click "update" to update every month and then "enable all protection" to immunize)...
Note: Spybot and Ad-Aware released new versions this year, check that you have the latest version
--------
a firewall:
the (Windows) one or, better, ZONE ALARM (install only the free firewall)
https://www.commentcamarche.net/telecharger/ 157 zonealarm
-----------
CCLEANER to erase browsing traces
---------
browse with Firefox or Safari or Opera and not Internet Explorer, which is more affected by viruses
http://www.mozilla-europe.org/fr/products/firefox/
Re... thanks for your help....
I ran CCleaner....
here is the AVG report:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:08:54 05/05/2008
+ Résultat de l'analyse:
C:\Program Files\OCINS\config.exe -> Adware.Small : Aucune action entreprise.
C:\Program Files\OCINS\uninstall.exe -> Downloader.Agent.bkw : Aucune action entreprise.
C:\Program Files\OCINS\austr.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\Program Files\OCINS\cndsv.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\Program Files\OCINS\convs.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\Program Files\OCINS\idnsvr.exe -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\Program Files\OCINS\ieaux.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP432\A0262925.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP432\A0262927.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP435\A0265977.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP435\A0265979.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP437\A0266010.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266018.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266020.sys -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266021.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
[2956] C:\PROGRA~1\OCINS\ieaux.dll -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
[820] C:\Program Files\OCINS\idnsvr.exe -> Not-A-Virus.Adware.BDSearch : Aucune action entreprise.
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266016.exe -> Not-A-Virus.Monitor.Win32.PCRecord.c : Aucune action entreprise.
C:\Program Files\OCINS\cnprovh.dll -> Trojan.Small : Aucune action entreprise.
Fin du rapport
now I keep getting an AVG alert message:
C:\ProgramFiles\OCINS\indsvr.exe
I already cleaned it and put it in quarantine but it comes back every time and I have to reboot the PC ....
I just ignored it and a 2nd one has just appeared....
C:\Program~1\OCINS\ieaux.dll
Arrffffff help me .... sniff sniff sniff....
here is the BitDefender report:
BitDefender Online Scanner
Scan report generated at: Tue, May 06, 2008 - 00:27:47
Scan path: C:\;D:\;
Statistics
Time: 00:40:14
Files: 100820
Folders: 3071
Boot Sectors: 5
Archives: 1507
Packed Files: 3698
Results
Identified Viruses: 8
Infected Files: 11
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 10
Engines Info
Virus Definitions: 1189746
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 42
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\Documents and Settings\la crevette\Bureau\AUTORUN.INF
Infected with: Win32.Worm.RJump.B
C:\Documents and Settings\la crevette\Bureau\AUTORUN.INF
Deleted
C:\Documents and Settings\la crevette\Mes documents\Mes images\AUTORUN.INF
Infected with: Win32.Worm.RJump.B
C:\Documents and Settings\la crevette\Mes documents\Mes images\AUTORUN.INF
Deleted
C:\Program Files\OCINS\convf.dll
Detected with: Adware.Cdn.AU
C:\Program Files\OCINS\convf.dll
Disinfection failed
C:\Program Files\OCINS\convf.dll
Delete failed
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266014.exe
Infected with: BehavesLike:Win32.ExplorerHijack
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266014.exe
Disinfection failed
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266014.exe
Deleted
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266015.exe
Infected with: Win32.Worm.RJump.F
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266015.exe
Deleted
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266017.dll
Detected with: Dialer.Win32dial.A
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266017.dll
Disinfection failed
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266017.dll
Deleted
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266020.sys
Detected with: Adware.Bdsearch.CX
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266020.sys
Deleted
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266021.dll
Detected with: Adware.Generic.15284
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP438\A0266021.dll
Deleted
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP440\A0267554.INF
Infected with: Win32.Worm.RJump.B
C:\System Volume Information\_restore{15A5D7B0-B2A4-46CC-ABF1-579362BC3215}\RP440\A0267554.INF
Deleted
C:\WINDOWS\RavMonE.exe
Infected with: Win32.Worm.RJump.F
C:\WINDOWS\RavMonE.exe
Deleted
C:\WINDOWS\svde.exe
Infected with: Trojan.Generic.79501
C:\WINDOWS\svde.exe
Deleted
I just ran HijackThis, here is the report .... and it's no picnic.....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:35:06, on 06/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\PROGRA~1\MESSAG~1\StartMessager.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\OCINS\idnsvr.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\OpenOffice.org1.1.4\program\soffice.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customsearch/customsearch-en.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: IEAux Class - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:\PROGRA~1\OCINS\ieaux.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [smss] C:\WINDOWS\System\SMSS.EXE
O4 - HKLM\..\Run: [MessagerStarter Wanadoo] C:\PROGRA~1\MESSAG~1\StartMessager.exe Messager Wanadoo
O4 - HKLM\..\Run: [.nvsvc] C:\Documents and Settings\la crevette\Application Data\smss.exe /w
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [IdnSvr] C:\Program Files\OCINS\idnsvr.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\pcsync2.exe /NoDialog
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Access Internet Keyword - C:\Program Files\OCINS\cnrbtn.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Chinese Navigation - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe
O9 - Extra 'Tools' menuitem: Chinese Navigation - {B012491E-8FA4-4851-AA9B-22E33784FBAD} - C:\Program Files\OCINS\config.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSAG~1\Messager Wanadoo.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{73FB20C8-4CA5-4B1E-BA29-2AFA0C94DAB0}: NameServer = 81.253.149.9 80.10.246.132
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe