Fenetre de pub intempestive

tonydu59 -
jlpjlp Messages postés 52399 Statut Contributeur sécurité - 15 juil. 2008 à 22:38

Bonjour,
depuis quelques jours je suis assailli de fenetres publicitaires particulierement lorsque je fait des recherches su google au point qu'il m'est impossible de faire autre chose tant les fenetres sont nombreuses.Aprés avoir faitun petit netoyage avec Ccleaner les fenetre sont moin nombreuses ms persistent tout de meme. De plus, un message s'affiche et me coupe explorer
pouvez vous m'aider a m'en debarasser s'il vous plait
merci
Voici mon rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:53:54, on 27/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\OFFICE ONE6.5\program\soffice.exe
C:\WINDOWS\system32\INTERNAT.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [oouserv6.exe] C:\Program Files\OFFICE ONE6.5\program\oouserv6.exe
O4 - HKLM\..\Run: [0cd9a3de] rundll32.exe "C:\WINDOWS\system32\nhqantys.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE ONE6.5\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\oonotesv65.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} - https://www.msn.com/fr-fr/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4377/mcfscan.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Afficher la suite

A voir également:

Fenetre de pub intempestive
Bloqueur de pub youtube - Accueil - Streaming
Mcafee fenetre intempestive - Accueil - Piratage
Fenetre windows - Guide
Stop pub gratuit - Télécharger - Divers Utilitaires
Fenêtre hors écran windows 11 - Guide

9 réponses

Réponse 1 / 9

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

slt,

télécharge OTMoveIt
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau. Ou sur https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\WINDOWS\system32\nhqantys.dll

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

___________________

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

tonydu59

re,
voici le rapport combo fix:

ComboFix 08-06-20.4 - ANTHONY PIRES 2008-06-27 22:05:20.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.41 [GMT 2:00]
Endroit: C:\Documents and Settings\ANTHONY PIRES\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM0fea9042.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\aoulmneg.ini
C:\WINDOWS\system32\ddcyx.dll
C:\WINDOWS\system32\dghgvkca.dll
C:\WINDOWS\system32\fowlchdv.ini
C:\WINDOWS\system32\gsahjnup.dll
C:\WINDOWS\system32\mljkhff.dll
C:\WINDOWS\system32\mpktyqpf.dll
C:\WINDOWS\system32\sytnaqhn.ini
C:\WINDOWS\system32\ugcuyj.dll
C:\WINDOWS\system32\vdhclwof.dll
C:\WINDOWS\system32\wcavhttu.dll
C:\WINDOWS\system32\xycdd.ini
C:\WINDOWS\system32\xycdd.ini2

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_poof

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-05-27 to 2008-06-27 ))))))))))))))))))))))))))))))))))))
.

2009-04-22 21:24 . 2009-04-22 21:24 140,488 --a------ C:\WINDOWS\system32\ComDlg32.ocx
2009-04-22 21:24 . 2009-04-22 21:24 256 --a--c--- C:\WINDOWS\system32\imail40.rtl
2008-06-27 21:57 . 2008-06-27 21:57 <REP> d-------- C:\_OTMoveIt
2008-06-24 21:55 . 2008-06-24 21:55 <REP> d-------- C:\Program Files\Pcsx2_0.9.4
2008-06-21 01:04 . 2008-06-21 01:04 61 --a------ C:\WINDOWS\yesmessenger.ini
2008-06-21 00:58 . 2008-06-21 01:18 <REP> d-------- C:\Program Files\YesMessenger
2008-06-17 23:59 . 2008-06-18 00:00 <REP> d-------- C:\Program Files\aMSN
2008-06-14 23:32 . 2008-06-17 21:27 <REP> d-------- C:\Program Files\Freeplayer
2008-06-02 13:02 . 2008-06-02 13:02 <REP> d-------- C:\Program Files\Free
2008-06-02 13:01 . 2008-06-02 13:01 <REP> d--hs---- C:\WINDOWS\ftpcache

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-27 20:21 --------- d-----w C:\Program Files\AVPersonal
2008-06-26 13:55 --------- d-----w C:\Program Files\eMule
2008-06-26 10:57 --------- d-----w C:\Program Files\Java
2008-06-14 21:55 --------- d-----w C:\Program Files\BitComet
2008-06-14 21:36 --------- d-----w C:\Documents and Settings\ANTHONY PIRES\Application Data\vlc
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-05 00:02 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-06-02 14:20 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-06-02 14:12 --------- d-----w C:\Documents and Settings\ANTHONY PIRES\Application Data\AdobeUM
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2005-03-24 14:24 976,020 -c--a-w C:\Program Files\BDAXP.cab
2005-03-24 14:24 911,188 -c--a-w C:\Program Files\Apr2005_MDX_x86.cab
2005-03-24 14:24 72,400 -c--a-w C:\Program Files\DSETUP.dll
2005-03-24 14:24 703,080 -c--a-w C:\Program Files\BDA.cab
2005-03-24 14:24 66,520 -c--a-w C:\Program Files\dxupdate.cab
2005-03-24 14:24 480,976 ----a-w C:\Program Files\DXSETUP.exe
2005-03-24 14:24 2,245,328 -c--a-w C:\Program Files\dsetup32.dll
2005-03-24 14:24 15,493,481 -c--a-w C:\Program Files\DirectX.cab
2005-03-24 14:24 13,265,040 -c--a-w C:\Program Files\dxnt.cab
2005-03-24 14:24 1,348,242 -c--a-w C:\Program Files\Apr2005_d3dx9_25_x64.cab
2005-03-24 14:24 1,156,363 -c--a-w C:\Program Files\BDANT.cab
2005-03-24 14:24 1,079,850 -c--a-w C:\Program Files\Apr2005_d3dx9_25_x86.cab
2004-05-09 19:36 15,900,672 ----a-w C:\Documents and Settings\ANTHONY PIRES\Photoshop.exe
2002-04-23 18:09 5,181,440 ----a-w C:\Documents and Settings\ANTHONY PIRES\ExtRsrc.dll
2002-04-16 12:04 4,059,242 ------w C:\Documents and Settings\ANTHONY PIRES\ImageReadyRes.dll
2002-04-15 17:54 13,336,651 ------w C:\Documents and Settings\ANTHONY PIRES\ImageReady.exe
2002-04-15 17:32 331,776 ------w C:\Documents and Settings\ANTHONY PIRES\JS32.dll
2002-04-06 15:37 897,024 ------w C:\Documents and Settings\ANTHONY PIRES\Photoshop.dll
2002-04-06 15:37 2,445,312 ------w C:\Documents and Settings\ANTHONY PIRES\PSViews.dll
2002-04-05 14:18 462,848 ------w C:\Documents and Settings\ANTHONY PIRES\ACE.dll
2002-04-01 01:29 53,248 ------w C:\Documents and Settings\ANTHONY PIRES\Plugin.dll
2002-03-26 16:42 1,458,176 ------w C:\Documents and Settings\ANTHONY PIRES\CoolType.dll
2002-03-13 03:24 94,208 ------w C:\Documents and Settings\ANTHONY PIRES\OPP.dll
2002-03-13 03:24 929,792 ------w C:\Documents and Settings\ANTHONY PIRES\AGM.dll
2002-03-13 03:24 3,485,696 ------w C:\Documents and Settings\ANTHONY PIRES\MPS.dll
2002-03-13 03:24 2,920,448 ------w C:\Documents and Settings\ANTHONY PIRES\PDFL50.dll
2002-03-05 14:10 4,265 ------w C:\Documents and Settings\ANTHONY PIRES\Photoshop.reg
2002-02-27 03:24 167,936 ------w C:\Documents and Settings\ANTHONY PIRES\Bib.dll
2001-12-06 14:24 61,440 ------w C:\Documents and Settings\ANTHONY PIRES\Uninst.dll
2001-06-29 16:38 712,751 ----a-w C:\Documents and Settings\ANTHONY PIRES\Asn.er.dll
2001-02-16 11:40 19,456 ------w C:\Documents and Settings\ANTHONY PIRES\PSUT9516.DLL
2000-10-10 13:49 23,024 ------w C:\Documents and Settings\ANTHONY PIRES\Shfolder.dll
2000-10-10 13:49 20,480 ------w C:\Documents and Settings\ANTHONY PIRES\Psut9532.dll
1993-07-22 23:00 210,944 ------w C:\Documents and Settings\ANTHONY PIRES\Msvcrt10.dll
2005-05-29 13:15 8,192 -csha-w C:\WINDOWS\o2cLicStore.bin
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"Gestionnaire Antidote.exe"="C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe" [2005-06-22 18:12 386752]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-04-01 18:35 3587120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WorksFUD"="C:\Program Files\Microsoft Works\wkfud.exe" [2000-07-12 12:59 24576]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-09-01 15:56 180269]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-20 01:09 144384]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 15:34 57344 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2003-07-28 16:19 323584 C:\WINDOWS\system32\nwiz.exe]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-07-28 16:19 4841472]
"MMTray"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 14:12 135168]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [2000-07-12 14:14 311350]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 18:05 81920]
"BluetoothAuthenticationAgent"="irprops.cpl,,BluetoothAuthenticationAgent" []
"AVGCtrl"="C:\Program Files\AVPersonal\AVGNT.EXE" [2005-10-14 13:32 180327]
"AGRSMMSG"="AGRSMMSG.exe" [2003-05-23 11:43 88363 C:\WINDOWS\AGRSMMSG.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 11:05 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-01-19 11:45 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-01-19 11:39 217088]
"%FP%Friendly fts.exe"="C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" [2003-05-06 10:28 72192]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-05 15:53 98304]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2006-01-17 14:12 53248]
"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE" [2005-02-08 06:00 98304]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"BOOT"="C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe" [2002-08-16 16:14 476160]
"MsgCenterExe"="C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" [2004-09-01 15:56 69688]
"0cd9a3de"="C:\WINDOWS\system32\nhqantys.dll" [ ]
"oouserv6.exe"="C:\Program Files\OFFICE ONE6.5\program\oouserv6.exe" [2003-06-30 07:00 256000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]
"NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL" [2003-07-28 16:19 49152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli scecli scecli

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\amsn\\bin\\wish.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Shareaza\\Shareaza.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21437:TCP"= 21437:TCP:BitComet 21437 TCP
"21437:UDP"= 21437:UDP:BitComet 21437 UDP

R2 AVWUpSrv;AntiVir Update;"C:\Program Files\AVPersonal\AVWUPSRV.EXE" [2005-10-13 17:32]
R3 avgntdw;avgntdw;C:\PROGRAM FILES\AVPERSONAL\AVGNTDW.SYS [2005-04-29 09:07]
R3 PPPoEWin;PPPoEWin Miniport;C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS [2003-09-25 16:52]
S2 muvpozfe;SAMSUNG Mobile USB Modem II 1.0 sMonitor;C:\WINDOWS\System32\svchost.exe [2004-08-20 01:10]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
muvpozfe

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-06-27 20:00:01 C:\WINDOWS\Tasks\{F47B0D2A-716E-40AE-B7BD-592D858EFBE5}_PCTEK_ANTHONY PIRES.job"
- C:\WINDOWS\system32\mobsync.exeH /Schedule=
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-27 22:22:36
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\OFFICE ONE6.5\program\soffice.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\internat.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-06-27 22:31:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-27 20:31:30

Pre-Run: 16,606,498,816 octets libres
Post-Run: 17,230,696,448 octets libres

185 --- E O F --- 2008-06-20 00:21:45

merci pour ton aide

Réponse 2 / 9

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

encore des pubs???

recolle un rapport hijackthis

a plus

tonydu59

plus de pub pour le moment tout a l'air normal merci pour ton aide voici quand meme le rapport hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:32:20, on 29/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\OFFICE ONE6.5\program\soffice.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\INTERNAT.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [0cd9a3de] rundll32.exe "C:\WINDOWS\system32\nhqantys.dll",b
O4 - HKLM\..\Run: [oouserv6.exe] C:\Program Files\OFFICE ONE6.5\program\oouserv6.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE ONE6.5\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\oonotesv65.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} - https://www.msn.com/fr-fr/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4377/mcfscan.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Réponse 3 / 9

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

fix cette ligne avec hijackhtis (fix cheked)

O4 - HKLM\..\Run: [0cd9a3de] rundll32.exe "C:\WINDOWS\system32\nhqantys.dll",b

__________

Ferme tout tes navigateurs (donc copie ou imprime les instructions avant)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

File::
C:\WINDOWS\system32\nhqantys.dll

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"0cd9a3de"=-

Enregistre ce fichier sous le nom CFscript

Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe

Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

Remets aussi un rapport Hijackthis

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

Réponse 4 / 9

tony du 59

bonjour,
je n'arrive plus a utiliser combofix meme si je le retelecharge comment faire

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 9

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

alors fais ceci

télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\WINDOWS\system32\nhqantys.dll

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

_______________________
recolle un hijackthis et dis tes soucis actuels

tonydu59

bonjour
voici le rapport move it
File/Folder C:\WINDOWS\system32\nhqantys.dll not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07102008_221132

voici le rapport hijack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:15:02, on 10/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\OFFICE ONE6.5\program\soffice.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\INTERNAT.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [0cd9a3de] rundll32.exe "C:\WINDOWS\system32\nhqantys.dll",b
O4 - HKLM\..\Run: [oouserv6.exe] C:\Program Files\OFFICE ONE6.5\program\oouserv6.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE ONE6.5\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\oonotesv65.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} - https://www.msn.com/fr-fr/
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4377/mcfscan.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Réponse 6 / 9

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

analyse ce fichiers sur virus total et colle nous le rapport: https://www.virustotal.com/gui/

C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe

_____________

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [0cd9a3de] rundll32.exe "C:\WINDOWS\system32\nhqantys.dll",b
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} - http://mm.tf1.fr/superdistribution/installer2.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} - https://www.msn.com/fr-fr/

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - http://a840.g.akamai.net/

__________________

colle un rapport avec antivir que tu as

_____________________

installe la dernière version d'adobe reader : la 9

https://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/14537.html
____________________

encore des problèmes???

tonydu59

bonjour, voici le resultat avec total virus

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.11.0 2008.07.11 -
AntiVir 7.8.0.64 2008.07.14 -
Authentium 5.1.0.4 2008.07.13 -
Avast 4.8.1195.0 2008.07.14 -
AVG 7.5.0.516 2008.07.14 -
BitDefender 7.2 2008.07.14 -
CAT-QuickHeal 9.50 2008.07.11 -
ClamAV 0.93.1 2008.07.14 -
DrWeb 4.44.0.09170 2008.07.14 -
eSafe 7.0.17.0 2008.07.13 -
eTrust-Vet 31.6.5954 2008.07.14 -
Ewido 4.0 2008.07.14 -
F-Prot 4.4.4.56 2008.07.13 -
F-Secure 7.60.13501.0 2008.07.14 -
Fortinet 3.14.0.0 2008.07.14 -
GData 2.0.7306.1023 2008.07.14 -
Ikarus T3.1.1.26.0 2008.07.14 -
Kaspersky 7.0.0.125 2008.07.14 -
McAfee 5337 2008.07.11 -
Microsoft 1.3704 2008.07.14 -
NOD32v2 3265 2008.07.14 -
Norman 5.80.02 2008.07.11 -
Panda 9.0.0.4 2008.07.13 -
Prevx1 V2 2008.07.14 -
Rising 20.53.02.00 2008.07.14 -
Sophos 4.31.0 2008.07.14 -
Sunbelt 3.1.1536.1 2008.07.12 -
Symantec 10 2008.07.14 -
TheHacker 6.2.96.378 2008.07.13 -
TrendMicro 8.700.0.1004 2008.07.14 -
VBA32 3.12.6.9 2008.07.13 -
VirusBuster 4.5.11.0 2008.07.13 -
Webwasher-Gateway 6.6.2 2008.07.14 -
Information additionnelle
File size: 476160 bytes
MD5...: 2643c21cc50bd54253c67bb208439100
SHA1..: b166dd5571c037b52f21cd00187c4c876122f023
SHA256: 27a48b7860d2409a9a47f49efecc6a1d2d6881af07b2a9a9718002259572704e
SHA512: 96d3544597451a45269ef05a83292f0f0d044fc69100475a1007684aa0b9f85e
f7879c92fc090aa6388209e2da40488755c0fd687bf3121aed42502ce8663750
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x577001
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0xfa000 0x5d600 8.00 681dfa30a6eaa309c17b98be0d22aaad
DATA 0xfb000 0x3000 0x1400 7.62 7afc7d1cdb279d48ee50e7550d9273b1
BSS 0xfe000 0x2000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x100000 0x4000 0x1200 7.87 8239c70d645f9657bef871086a87f293
.tls 0x104000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x105000 0x1000 0x200 0.20 ca1549e83d4b568fa0ad41bc9493647b
.reloc 0x106000 0x10000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x116000 0x61000 0x11a00 7.87 bf39739857b690a34f6b5d63dd3eb33f
.aspack 0x177000 0x3000 0x2800 5.44 11ac23ad420c3b455bf146f25e7c50c3
.adata 0x17a000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

( 22 imports )
> kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA
> user32.dll: GetKeyboardType
> advapi32.dll: RegQueryValueExA
> oleaut32.dll: SysFreeString
> advapi32.dll: RegSetValueExA
> version.dll: VerQueryValueA
> gdi32.dll: UnrealizeObject
> user32.dll: WindowFromPoint
> oleaut32.dll: SafeArrayPtrOfIndex
> ole32.dll: CreateStreamOnHGlobal
> oleaut32.dll: GetErrorInfo
> olepro32.dll: OleLoadPicture
> comctl32.dll: ImageList_SetIconSize
> shell32.dll: Shell_NotifyIconA
> wininet.dll: InternetReadFile
> shell32.dll: SHGetSpecialFolderLocation
> winmm.dll: sndPlaySoundA
> ole32.dll: CoUninitialize
> shell32.dll: SHGetMalloc
> ole32.dll: CoCreateInstance
> ole32.dll: DoDragDrop
> shell32.dll: SHGetInstanceExplorer

( 0 exports )

packers (Kaspersky): ASPack
packers (F-Prot): Aspack

voici le rapport antivir

Creation date of the report file: lundi 14 juillet 2008 14:13

AntiVir®/XP (2000 + NT) PersonalEdition Classic
Build 1114 of 04.11.2005
Mainprogram 6.32.00.51 of 03.11.2005
VDF file 6.33.0.103 (0) of 06.01.2006

This program is for PERSONAL USE only.
Any other use is PROHIBITED.
Informations regarding commercial versions of AntiVir may be obtained from:
www.hbedv.com.

Scanning for 277901 virus strains and unwanted programs.

Licensed for: AntiVir Personal Edition
Serial number: 0000149991-WURGE-0001

Please enter the workstation and
contact name with phone number in this form:

Name ___________________________________________

Street ___________________________________________

Town ___________________________________________

Phone/Fax ___________________________________________

Email ___________________________________________

Platform: Windows NT Workstation
Windows version: 5.1 Build 2600 (Service Pack 2)
Username: ANTHONY PIRES
Computername: PCTEK
Processor: Pentium
Working memory: 261616 KB free

Version information:
AVWIN.DLL : 6.32.00.51 561192 04.11.2005 13:58:52
AVEWIN32.DLL : 6.33.0.75 1008128 06.01.2006 15:44:54
AVGNT.EXE : 6.32.00.02 180327 14.10.2005 13:32:02
AVGUARD.EXE : 6.32.00.12 208424 17.10.2005 09:35:12
GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 12:24:10
AVGCMSG.DLL : 6.32.00.01 295029 13.10.2005 17:32:14
AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 09:07:16
AVPACK32.DLL : 6.32.00.02 319528 18.10.2005 12:57:30
AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 19:10:20
AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 19:10:22
AVSched32.EXE : 6.32.00.01 110632 20.09.2005 15:16:24
AVSched32.DLL : 6.30.00.00 122880 01.02.2005 12:24:10
AVREG.DLL : 6.31.00.05 41000 07.09.2005 17:34:50
AVRep.DLL : 6.33.00.100 1617960 06.01.2006 15:45:00
INETUPD.EXE : 6.32.00.53 262203 04.11.2005 13:58:52
INETUPD.DLL : 6.32.00.53 143360 04.11.2005 13:58:52
CTL3D32.DLL : 2.31.000 27136 30.08.2002 14:00:00
MFC42.DLL : 6.02.4131.0 1028096 20.08.2004 01:09:30
MSVCRT.DLL : 7.0.2600.2180 (xpsp_sp2_rtm.0408
MSVCRT.DLL : 7.0.2600.2180 343040 20.08.2004 01:09:34
CTL3DV2.DLL : No information

Configuration file:

Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI
Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG
Start path: C:\Program Files\AVPersonal
Command line:
Start mode: unknown

Mode of report file:
[ ] Do not create report
[X] Overwrite report
[ ] Append new report

Data in report file:
[X] Infected files
[ ] Infected files with paths
[ ] All scanned files
[ ] Full information

Abridge report file:
[ ] Abridge report file

Warnings in report:
[X] Access denied/file locked
[X] Wrong file size in directory
[X] Wrong creation time in directory
[ ] COM file is too large
[X] Invalid start address
[X] Invalid EXE header
[X] Possibly damaged

Summary report:
[X] Create summary report
Output file: AVWIN.ACT
Maximum number of entries: 100

Where to search:
[X] Memory
[X] Boot record of selected drives
[ ] Report unknown boot sectors
[ ] All files
[X] Program files
Extensions: .386 .?HT* .ACM .ADE .ADP .ANI .APP .ASD .ASF .ASP .ASX .AWX .AX .BAS .BAT .BIN .BOO .CDF .CHM .CLASS .CMD .CNV .COM .CPL .CRT .CSH .DLL .DLO .DO? .DRV .EMF .EML .EXE* .FLT .FOT .HLP .HT* .INF .INI .INS .ISP .J2K .JAR .JFF .JFI .JFIF .JIF .JMH .JNG .JP2 .JPE .JPEG .JPG .JS* .JSE .LNK .MD? .MDB .MOD .MS? .NWS .OBJ .OCX .OLB .OSD .OV? .PCD .PDR .PGM .PHP .PIF .PKG .PL* .PNG .POT .PPS .PPT .PRG .RAR .REG .RPL .RTF .SBF .SCR .SCRIPT .SCT .SH .SHA .SHB .SHS .SHTM* .SPL .SWF .SYS .TLB .TMP .TSP .TTF .URL .VB? .VCS .VLM .VXD .VXO .WIZ .WLL .WMD .WMF .WMS .WMZ .WPC .WSC .WSF .WSH .WWK .XL? .XML .ZIP

Response in case of a detection:
[X] Repair with prompt
[ ] Repair without prompt
[ ] Delete with prompt
[ ] Delete without prompt
[ ] Write in report file only
[X] Acoustic alarm

Response in case of destroyed files:
[X] Delete with prompt
[ ] Delete without prompt
[ ] Ignore

Response in case of destroyed files:
[X] No change
[ ] Current system time
[ ] Correct date

Drag&drop settings:
[X] Scan subdirectories

Profile settings:
[X] Scan subdirectories

Archive options
[X] Search archive
[X] All archive types

Miscellaneous options:
Temporary path: %TEMP% -> C:\DOCUME~1\ANTHON~1\LOCALS~1\Temp
[X] Overwrite infected files
[ ] Detect idle time
[X] Allow interruptions of scan
[X] Load AVWin®/NT Guard on System start

General settings:
[X] Save options on exiting AntiVir
Priority: medium

Drives:
A: Floppy drive
C: Hard disk
D: CD-ROM
E: CD-ROM
F: CD-ROM
G: Floppy drive
H: Floppy drive
I: Floppy drive
J: Floppy drive
K: CD-ROM

Start of scan: lundi 14 juillet 2008 14:13

Memory test OK
Master boot record of hard disk HD0 OK
Master boot record of hard disk HD1
The record could not be read!
Error code: 0x0015
Master boot record of hard disk HD2
The record could not be read!
Error code: 0x0015
Master boot record of hard disk HD3
The record could not be read!
Error code: 0x0015
Master boot record of hard disk HD4
The record could not be read!
Error code: 0x0015
Boot record of drive C: OK

Access denied! Error during file opening!
Error code: 0x0002
C:\

WARNING! Access error/file locked!
Access denied! Error during file opening!
Error code: 0x0002

WARNING! Access error/file locked!
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery
Advertisingcom.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom10.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom11.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom12.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom13.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom14.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom6.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom7.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom8.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Advertisingcom9.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Adviva.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AlexaRelated.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AvenueAInc.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AvenueAInc1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AvenueAInc2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AvenueAInc3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AvenueAInc4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AvenueAInc5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
AvenueAInc6.zip
ArchiveType: ZIP
BFast.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
BFast1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
BFast2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
CommissionJunction.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
CommissionJunction1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
CommonName.zip
ArchiveType: ZIP
Cydoor.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Cydoor1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Cydoor2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Cydoor3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DoubleClick.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DoubleClick1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DoubleClick2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DoubleClick3.zip
ArchiveType: ZIP
DoubleClick4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DoubleClick5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DoubleClick6.zip
ArchiveType: ZIP
DSOExploit.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DSOExploit1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DSOExploit2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DSOExploit3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
DSOExploit4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
FastClick.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
FastClick1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
FastClick2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
FastClick3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator10.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator11.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator12.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator13.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator5.zip
ArchiveType: ZIP
Gator6.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator7.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator8.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
Gator9.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox6.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox7.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitBox8.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
HitsLink.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
LinkSynergy.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MediaPlex.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MediaPlex1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MediaPlex2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MediaPlex3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MediaPlex4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MSWorks.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MSWorks1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MySearch.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
MySearch1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SCData.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SCData1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SCData2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SCData3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexList.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexList1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker10.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker11.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker12.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker13.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker6.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker7.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker8.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
SexTracker9.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
TargetNet.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
TargetNet1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
TargetNet2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
TargetNet3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
ValueClick.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
ValueClick1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
ValueClick2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
ValueClick3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
ValueClick4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
ValueClick5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
ValueClick6.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
WebTrendslive.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
WindowsMediaPlayer.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
WindowsMediaPlayer1.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
WindowsMediaPlayer2.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
WindowsMediaPlayer3.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
WindowsMediaPlayer4.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
WindowsMediaPlayer5.zip
ArchiveType: ZIP
NOTE! The whole archive is password protected
C:\Documents and Settings\ANTHONY PIRES\Application Data\Nikon\Message Center\DOWNLOAD_CACHE
11375.zip
ArchiveType: ZIP
C:\Documents and Settings\ANTHONY PIRES\Local Settings\Temp
fla2.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
~DF3A.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
~DF3FBF.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
~DF3FDA.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
~DF9D.tmp
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
C:\Downloads
SEX.AND.THE.CITY.LE.FILM.FRENCH.CAM.ASSEZ.BONNE.QUALITE.rar
ArchiveType: RAR
--> SEX.AND.THE.CITY.LE.FILM.FRENCH.CAM.ASSEZ.BONNE.QUALITE\Sex.and.the.City.FRENCH.avi
WARNING! Not enough memory
C:\Program Files\eMule\Incoming\musique\centre
La.Récré.-.Les.jolies.chansons.de.nos.Enfants--_--.livret.ace
ArchiveType: ACE
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Ainsi font les petites marionnettes - Karaok‚.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Au jardin de mom pŠre.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Dodo, l'enfant Do - Karaok‚.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\J'ai des pommes … vendre - Karaok‚.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\J'ai des pommes … vendre.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Le fermier dans son pr‚ - Karaok‚.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Le fermier dans son pr‚.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Sur le pont d'avignon - Karaok‚.mp3
WARNING! Error open file
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Une souris verte - Karaok‚.mp3
WARNING! Error open file
C:\Program Files\eMule\Temp
Cirqu-rec.rar
ArchiveType: RAR
NOTE! The archive is created by multiple volumes
Les C-rec.rar
ArchiveType: RAR
NOTE! The archive is created by multiple volumes
Lost -rec.zip
ArchiveType: ZIP
C:\Program Files\WinRAR
rarnew.dat
ArchiveType: RAR
NOTE! The archive is created by multiple volumes
Error! Could not change directory: System Volume Information
C:\WINDOWS\Driver Cache\i386
Q323183.cab
ArchiveType: CAB (Microsoft)
--> bogus
The archive type was excluded from search
C:\WINDOWS\system32\config
default
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SAM
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
SECURITY
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
software
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!
system
Access denied! Error during file opening!
Error code: 0x000D
WARNING! Access error/file locked!

End of scan: lundi 14 juillet 2008 19:03
Time taken: 289:43 min

7677 directories were scanned
258607 files were scanned
22 warning messages were issued
0 files were deleted
0 files were repaired
0 detections

Réponse 7 / 9

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

encore des problemes???

Réponse 8 / 9

tonydu59

tout a l'air de fonctionné je né plu de message derreur lorsque j'allume mon ordi
encore merci pour ton aide

Réponse 9 / 9

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

vire ce qui est dans la sauvegarde de spybot

_________

si ce sont des cracks vire les fichiers suivant: car suspects:

SEX.AND.THE.CITY.LE.FILM.FRENCH.CAM.ASSEZ.BONNE.QUALITE.rar

--> SEX.AND.THE.CITY.LE.FILM.FRENCH.CAM.ASSEZ.BONNE.QUALITE\Sex.and.the.City.FRENCH.avi

C:\Program Files\eMule\Incoming\musique\centre
La.Récré.-.Les.jolies.chansons.de.nos.Enfants--_--.livret.ace

--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Ainsi font les petites marionnettes - Karaok‚.mp3

--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Au jardin de mom pŠre.mp3

> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Dodo, l'enfant Do - Karaok‚.mp3

--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\J'ai des pommes … vendre - Karaok‚.mp3

--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\J'ai des pommes … vendre.mp3

--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Le fermier dans son pr‚ - Karaok‚.mp3
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Le fermier dans son pr‚.mp3

--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Sur le pont d'avignon - Karaok‚.mp3
--> La R‚cr‚ - Une Souris Verte et les jolies chansons de nos Enfants\Une souris verte

______________________

si tout c'est bien passé désactive la restauration système pour purger les virus qui seraient dedans puis réactive là : https://www.informatruc.com

________________________

voilà c'est bon!!!

Discussions similaires

Ouvrir un fichier .pub sans Publisher

Ouvrir document Publisher sans Publisher

lire un fichier .pub

Fenetre de pub intempestive

9 réponses

Votre réponse

Discussions similaires

Newsletters