Registre probleme ,virer piratrax...
Résolu
ginga2
Messages postés
177
Date d'inscription
Statut
Membre
Dernière intervention
-
Lyonnais92 Messages postés 25159 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Lyonnais92 Messages postés 25159 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,j ai beau avoir d installer piratrax....il essayer selon spybot de modifier le registre, je crois ..
voila , j ai essayer en le reinstallant et le desinstallant mais spy bot me dit toujours qu il bloque>>
30/05/2008 21:48:08 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
31/05/2008 14:44:58 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
31/05/2008 14:45:00 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
31/05/2008 14:45:08 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
et voici mon hidjack de demarrage si ca peux t aider..?
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\Grisoft\AVG ANTI-SPYWARE 7.5\guard.exe
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 7.0\avp.exe
C:\WINDOWS\explorer.exe
C:\PROGRAM FILES\Java\JRE1.6.0_03\bin\jusched.exe
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\Grisoft\AVG ANTI-SPYWARE 7.5\avgas.exe
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
C:\PROGRAM FILES\CCleaner\ccleaner.exe
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SpybotSD.exe
C:\PROGRAM FILES\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol]C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [AVP]C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware]C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer]C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: CCleaner (2).lnk=C:\Program Files\CCleaner\ccleaner.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program Files\Java\jre1.6.0_05\bin
O11 - Options group: [] -
O14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} (https://www.microsoft.com/en-us/download - https://www.microsoft.com/en-us/download
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (https://www.eset.com/ - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (http://www.zebulon.fr/scan8/oscan8) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O21 - WPDShServiceObj - WPDShServiceObj Class - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gestion d'applications - - C:\WINDOWS\System32\appmgmts.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 7.0 - - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -r
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine - - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TuneUp Extension de thème - TuneUp Software GmbH - C:\WINDOWS\system32\uxtuneup.dll
O24 - Desktop Component 0: Ma page d'accueil - About:Home
--- Additional WinPatrol Info ---
Default Browser: TuneUp Utilities - TuneUp Theme Extension version 6.0
MSIE: Internet Explorer (7.00.6000.16640)
Firefox 2.0.0.14 installed in C:\Program Files\Mozilla Firefox.
0 IE Cookies in Folder: C:\Documents and Settings\benoit\Cookies\
0 Mozilla Cookies in Folder: C:\Documents and Settings\benoit\Application Data\Mozilla\FireFox\Profiles\894dul1a.default
WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP00 - HKLM\CS3: BootExecute = autocheck autochk *
WP01 - HKLM\CCS: PendingFileRenameOperations = \??\C:\DOCUME~1\benoit\LOCALS~1\TEMPOR~1\Content.IE5\index.dat
WP01 - HKLM\CS3: PendingFileRenameOperations = \??\C:\DOCUME~1\benoit\LOCALS~1\TEMPOR~1\Content.IE5\index.dat
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe
WP03 - Windows Automatic Update = 4:Automatically download recommended updates for my computer and install them.
merci si tu peux m aider
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www
voila , j ai essayer en le reinstallant et le desinstallant mais spy bot me dit toujours qu il bloque>>
30/05/2008 21:48:08 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
31/05/2008 14:44:58 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
31/05/2008 14:45:00 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
31/05/2008 14:45:08 Refusé(e) (based on user blacklist) value "Piratrax" (new data: "") supprimé(e) in System Startup user entry!
et voici mon hidjack de demarrage si ca peux t aider..?
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\Grisoft\AVG ANTI-SPYWARE 7.5\guard.exe
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 7.0\avp.exe
C:\WINDOWS\explorer.exe
C:\PROGRAM FILES\Java\JRE1.6.0_03\bin\jusched.exe
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\Grisoft\AVG ANTI-SPYWARE 7.5\avgas.exe
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
C:\PROGRAM FILES\CCleaner\ccleaner.exe
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SpybotSD.exe
C:\PROGRAM FILES\Opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched]C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol]C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [AVP]C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware]C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer]C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: CCleaner (2).lnk=C:\Program Files\CCleaner\ccleaner.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [Java (Sun)] Java (Sun) - C:\Program Files\Java\jre1.6.0_05\bin
O11 - Options group: [] -
O14 - IERESET.INF: START_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O14 - IERESET.INF: SEARCH_PAGE_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O14 - IERESET.INF:HKCU, Start Page = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Page_URL = %START_PAGE_URL%
O14 - IERESET.INF:HKLM, Default_Search_URL = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKLM, Search Page = %SEARCH_PAGE_URL%
O14 - IERESET.INF:HKCU, Search Page = %SEARCH_PAGE_URL%
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} (https://www.microsoft.com/en-us/download - https://www.microsoft.com/en-us/download
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (https://www.eset.com/ - https://www.eset.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (http://www.zebulon.fr/scan8/oscan8) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O21 - WPDShServiceObj - WPDShServiceObj Class - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Gestion d'applications - - C:\WINDOWS\System32\appmgmts.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 7.0 - - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe -r
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine - - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TuneUp Extension de thème - TuneUp Software GmbH - C:\WINDOWS\system32\uxtuneup.dll
O24 - Desktop Component 0: Ma page d'accueil - About:Home
--- Additional WinPatrol Info ---
Default Browser: TuneUp Utilities - TuneUp Theme Extension version 6.0
MSIE: Internet Explorer (7.00.6000.16640)
Firefox 2.0.0.14 installed in C:\Program Files\Mozilla Firefox.
0 IE Cookies in Folder: C:\Documents and Settings\benoit\Cookies\
0 Mozilla Cookies in Folder: C:\Documents and Settings\benoit\Application Data\Mozilla\FireFox\Profiles\894dul1a.default
WP00 - HKLM\CS1: BootExecute = autocheck autochk *
WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP00 - HKLM\CS3: BootExecute = autocheck autochk *
WP01 - HKLM\CCS: PendingFileRenameOperations = \??\C:\DOCUME~1\benoit\LOCALS~1\TEMPOR~1\Content.IE5\index.dat
WP01 - HKLM\CS3: PendingFileRenameOperations = \??\C:\DOCUME~1\benoit\LOCALS~1\TEMPOR~1\Content.IE5\index.dat
WP02 - HKLM\CCS: Command = C:\WINDOWS\system32\cmd.exe
WP03 - Windows Automatic Update = 4:Automatically download recommended updates for my computer and install them.
merci si tu peux m aider
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www
A voir également:
- Registre probleme ,virer piratrax...
- Piratrax - Forum Virus
- PIRATAX efface toutes traces sur disque dur. - Forum Disque dur / SSD
2 réponses
Salut alors désinstalle tous tes logiciel de sécurité sauf Spybot. Et installe AntiVir,Malwarebytes Anti-Malware,Ccleaner et active le pare-feu XP.
AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)
PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE ET A SPYBOT.
AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)
PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE ET A SPYBOT.
c'est grave?
merci de ton aide...
comment je pourrait virer ces 2 truc du dossier prefect?
Mode sans Echec:
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
PS: JE TE CONSEILLE D'ENREGISTRER CE MESSAGE DANS TON BUREAU OU CAS OU.
j en ai marre!!
peux tu m aider?