Virus indécrotable
Résolu/Fermé
hack_net
Messages postés
783
Date d'inscription
lundi 5 mars 2007
Statut
Membre
Dernière intervention
5 juin 2014
-
17 juil. 2008 à 18:12
lrd - 6 juil. 2015 à 16:35
lrd - 6 juil. 2015 à 16:35
A voir également:
- Virus indécrotable
- Svchost.exe virus - Guide
- Youtu.be virus - Guide
- Faux message virus ordinateur - Guide
- Faux message virus iphone - Forum iPhone
- Tinyurl.com virus - Forum Virus
70 réponses
hack_net
Messages postés
783
Date d'inscription
lundi 5 mars 2007
Statut
Membre
Dernière intervention
5 juin 2014
51
23 juil. 2008 à 13:38
23 juil. 2008 à 13:38
Nouveau scan de maintenant :
J'ai refait un scan Hijackthis maintenant :
Avira AntiVir Personal
Report file date: mercredi 23 juillet 2008 12:06
Scanning for 1491462 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC-ROM1
Version information:
BUILD.DAT : 8.1.0.326 16933 Bytes 11/07/2008 12:57:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15
ANTIVIR2.VDF : 7.0.5.144 1690624 Bytes 21/07/2008 21:40:04
ANTIVIR3.VDF : 7.0.5.153 96256 Bytes 22/07/2008 21:39:38
Engineversion : 8.1.1.11
AEVDF.DLL : 8.1.0.5 102772 Bytes 09/07/2008 08:46:50
AESCRIPT.DLL : 8.1.0.59 307579 Bytes 18/07/2008 21:39:56
AESCN.DLL : 8.1.0.23 119156 Bytes 17/07/2008 21:51:38
AERDL.DLL : 8.1.0.20 418165 Bytes 09/07/2008 08:46:50
AEPACK.DLL : 8.1.2.1 364917 Bytes 17/07/2008 21:51:36
AEOFFICE.DLL : 8.1.0.21 192891 Bytes 18/07/2008 21:39:53
AEHEUR.DLL : 8.1.0.43 1339767 Bytes 18/07/2008 21:39:51
AEHELP.DLL : 8.1.0.15 115063 Bytes 09/07/2008 08:46:50
AEGEN.DLL : 8.1.0.29 307573 Bytes 09/07/2008 08:46:50
AEEMU.DLL : 8.1.0.6 430451 Bytes 09/07/2008 08:46:50
AECORE.DLL : 8.1.1.6 172405 Bytes 17/07/2008 21:51:21
AEBB.DLL : 8.1.0.1 53617 Bytes 24/04/2008 08:50:42
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 7.0.0.1 155688 Bytes 30/06/2008 14:35:20
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: high
Primary action...................: delete
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, H:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Expanded search settings.........: 0x00001000
Start of the scan: mercredi 23 juillet 2008 12:06
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe'
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Mozilla Firefox\firefox.exe'
Scan process 'CCC.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe'
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Messenger\msmsgs.exe'
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\wuauclt.exe'
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe'
C:\Program Files\MSN Pictures Displayer\
MSN Pictures Displayer.exe
[0] Archive type: RSRC
--> Object
--> Object
--> Object
Scan process 'MSN Pictures Displayer.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe'
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\ctfmon.exe'
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe'
Scan process 'alg.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\System32\alg.exe'
Scan process 'RocketDock.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\RocketDock\RocketDock.exe'
Scan process 'SuperCopier2.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\SuperCopier2\SuperCopier2.exe'
Scan process 'MOM.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE'
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe'
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe'
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\RunDll32.exe'
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe'
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe'
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe'
Scan process 'SBCSTray.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe'
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\RTHDCPL.EXE'
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\wbem\wmiprvse.exe'
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\Explorer.EXE'
Scan process 'winvnc4.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\RealVNC\VNC4\WinVNC4.exe'
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\wdfmgr.exe'
Scan process 'SBCSSvc.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe'
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Bonjour\mDNSResponder.exe'
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe'
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\Ati2evxx.exe'
Scan process 'sched.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe'
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\spoolsv.exe'
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\svchost.exe'
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\svchost.exe'
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\System32\svchost.exe'
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\svchost.exe'
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\svchost.exe'
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\Ati2evxx.exe'
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\lsass.exe'
Scan process 'services.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\services.exe'
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\winlogon.exe'
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\system32\csrss.exe'
Scan process 'smss.exe' - '1' Module(s) have been scanned
Module is OK -> 'C:\WINDOWS\System32\smss.exe'
42 processes with 42 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'H:\'
[INFO] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\
ati2evxx.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\DLLName
C:\WINDOWS\system32\
crypt32.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\DllName
C:\WINDOWS\system32\
cryptnet.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\DllName
C:\WINDOWS\system32\
cscdll.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\DLLName
C:\WINDOWS\system32\
wlnotify.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\DLLName
C:\WINDOWS\system32\
wlnotify.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\DllName
C:\WINDOWS\system32\
sclgntfy.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\DllName
C:\WINDOWS\system32\
ntsd.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path\Debugger
C:\WINDOWS\
RTHDCPL.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RTHDCPL
C:\WINDOWS\
Alcmtr.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Alcmtr
C:\Program Files\Sunbelt Software\CounterSpy\
SBCSTray.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SBCSTray
C:\WINDOWS\system32\
RunDll32.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CmUsbAudio
C:\WINDOWS\system32\
Java.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\MenuText
C:\WINDOWS\system32\
Java.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\MenuText
C:\Program Files\WinHTTrack\
WinHTTrackIEBar.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{36ECAF82-3300-8F84-092E-AFF36D6C7040}\Icon
C:\Program Files\WinHTTrack\
WinHTTrackIEBar.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{36ECAF82-3300-8F84-092E-AFF36D6C7040}\HotIcon
C:\WINDOWS\
bdoscandel.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66}\Exec
C:\Program Files\Microsoft Office\Office12\
REFBAR.ICO
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\Icon
C:\Program Files\Microsoft Office\Office12\
REFBARH.ICO
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}\HotIcon
C:\Program Files\Messenger\
msmsgs.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\Exec
C:\Program Files\Messenger\
msmsgs.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\HotIcon
C:\WINDOWS\inf\
unregmp2.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\Stubpath
C:\WINDOWS\
Explorer.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}
C:\WINDOWS\
Explorer.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}
C:\WINDOWS\system32\
shmgrate.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\StubPath
C:\WINDOWS\system32\
shmgrate.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\StubPath
C:\WINDOWS\system32\
msiexec.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ccc-core-static\StubPath
C:\Program Files\Java\jre1.6.0_07\bin\
regutils.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}\KeyFileName
C:\WINDOWS\system32\
Graphics.COM
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
C:\WINDOWS\system32\
Graphics.COM
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}
C:\WINDOWS\system32\
Setup.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
C:\WINDOWS\system32\
themeui.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath
C:\WINDOWS\system32\
themeui.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\StubPath
C:\WINDOWS\system32\
user.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\StubPath
C:\WINDOWS\system32\
user.EXE
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\StubPath
C:\WINDOWS\inf\
msnetmtg.inf
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath
C:\WINDOWS\inf\
msnetmtg.inf
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\StubPath
C:\WINDOWS\inf\
msmsgs.inf
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath
C:\WINDOWS\inf\
msmsgs.inf
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\StubPath
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\
Wizard.BAT
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}\(Default)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\
Wizard.BAT
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}\(Default)
C:\WINDOWS\system32\
msieftp.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}\KeyFileName
C:\WINDOWS\inf\
wmp.inf
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath
C:\WINDOWS\inf\
wmp.inf
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\StubPath
C:\WINDOWS\system32\
regsvr32.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath
C:\WINDOWS\system32\
shell32.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath
C:\WINDOWS\system32\
shell32.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\StubPath
C:\WINDOWS\system32\
ie4uinit.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\StubPath
C:\WINDOWS\system32\
mscories.dll
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\StubPath
C:\WINDOWS\system32\
ctfmon.exe
[INFO] HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE
C:\WINDOWS\system32\
logon.scr
[INFO] HKEY_CURRENT_USER\Control Panel\Desktop\Scrnsave.exe
C:\WINDOWS\system32\
logonuiX.exe
[INFO] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
desktop.ini
[INFO] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Startup
C:\WINDOWS\system32\
desktop.ini
[INFO] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Startup
C:\WINDOWS\system32\
desktop.ini
[INFO] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Startup
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Ralink Wireless Utility.lnk
[INFO] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Startup
C:\Program Files\RALINK\Common\
RaUI.exe
[INFO] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Startup
The registry was scanned ( '57' files ).
Starting the file scan:
Begin scan in 'C:\' <Systéme>
[...]
**Plus le lecteur H:\ a nouveau***
End of the scan: mercredi 23 juillet 2008 13:01
Used time: 55:10 Minute(s)
The scan has been done completely.
11784 Scanning directories
440480 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
55 Files cannot be scanned
440425 Files not concerned
3196 Archives were scanned
67 Warnings
690 Notes
J'ai refait un scan Hijackthis maintenant :
Logfile of HijackThis v1.99.1 Scan saved at 13:36:55, on 23/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\RocketDock\RocketDock.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Winamp\winamp.exe C:\Documents and Settings\h4ck.n3t\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.latestgadget.co/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CmUsbAudio] RunDll32 cmcnfg2.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Sys81.exe] C:\Windows\Sys81.exe O4 - HKLM\..\Run: [Sys82.exe] C:\Windows\Sys82.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Sys83.exe] C:\Windows\Sys83.exe O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.7.801.1629 (GoogleDesktopManager-010108-205858) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files\Tor\tor.exe" --nt-service -f "C:\Documents and Settings\h4ck.n3t\Application Data\Vidalia\torrc" ControlPort 9051 (file missing) O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
Utilisateur anonyme
23 juil. 2008 à 14:20
23 juil. 2008 à 14:20
° Relance "HijackThis"
° choisis "Do a scan only"
° Coche la(les) case(s) devant les lignes ci-dessous:
° O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
° O4 - HKLM\..\Run: [Sys81.exe] C:\Windows\Sys81.exe
° O4 - HKLM\..\Run: [Sys82.exe] C:\Windows\Sys82.exe
° O4 - HKCU\..\Run: [Sys83.exe] C:\Windows\Sys83.exe
° Puis clique en bas sur "fix checked"
° Puis reposte un nouveau rapport HijackThis stp.
° choisis "Do a scan only"
° Coche la(les) case(s) devant les lignes ci-dessous:
° O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
° O4 - HKLM\..\Run: [Sys81.exe] C:\Windows\Sys81.exe
° O4 - HKLM\..\Run: [Sys82.exe] C:\Windows\Sys82.exe
° O4 - HKCU\..\Run: [Sys83.exe] C:\Windows\Sys83.exe
° Puis clique en bas sur "fix checked"
° Puis reposte un nouveau rapport HijackThis stp.
hack_net
Messages postés
783
Date d'inscription
lundi 5 mars 2007
Statut
Membre
Dernière intervention
5 juin 2014
51
23 juil. 2008 à 16:23
23 juil. 2008 à 16:23
C'est fait... Voici le résultat :
Logfile of HijackThis v1.99.1 Scan saved at 16:22:34, on 23/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\RocketDock\RocketDock.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\h4ck.n3t\Bureau\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.latestgadget.co/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [CmUsbAudio] RunDll32 cmcnfg2.cpl,CMICtrlWnd O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.7.801.1629 (GoogleDesktopManager-010108-205858) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files\Tor\tor.exe" --nt-service -f "C:\Documents and Settings\h4ck.n3t\Application Data\Vidalia\torrc" ControlPort 9051 (file missing) O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
Utilisateur anonyme
23 juil. 2008 à 18:26
23 juil. 2008 à 18:26
Ok parfait fais ceci stp:
° Télécharge ToolsCleaner sur ton bureau
° Une fois téléchargé, installez-le et lancez-le.
° Cliquez sur Recherche et laissez le scan se terminer.
° Cliquez sur Suppression pour finaliser.
° Vous pouvez, si vous le souhaitez, vous servir des options suivantes :
o Point de Restauration.
o Corbeille.
o Nettoyage des fichiers Temporaires.
o Sauvegarde du registre.
° Cliquez sur Quitter, pour que le rapport puisse se créer.
° Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\). ouvre le et poste le moi.
° Télécharge ToolsCleaner sur ton bureau
° Une fois téléchargé, installez-le et lancez-le.
° Cliquez sur Recherche et laissez le scan se terminer.
° Cliquez sur Suppression pour finaliser.
° Vous pouvez, si vous le souhaitez, vous servir des options suivantes :
o Point de Restauration.
o Corbeille.
o Nettoyage des fichiers Temporaires.
o Sauvegarde du registre.
° Cliquez sur Quitter, pour que le rapport puisse se créer.
° Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\). ouvre le et poste le moi.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
hack_net
Messages postés
783
Date d'inscription
lundi 5 mars 2007
Statut
Membre
Dernière intervention
5 juin 2014
51
23 juil. 2008 à 20:47
23 juil. 2008 à 20:47
Voici le rapport :
C'est moi ou le logiciel s'est trompé ?
-->- Recherche: C:\Documents and Settings\h4ck.n3t\Bureau\HijackThis.exe: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\h4ck.n3t\Bureau\HijackThis.exe: supprimé !
C'est moi ou le logiciel s'est trompé ?
Utilisateur anonyme
23 juil. 2008 à 21:51
23 juil. 2008 à 21:51
Re, non c'est ca lol. Désinstalle ToolsCleaner et fais ceci:
Télécharge Ccleaner sur ton bureau Lors de l'installation il te proposerons d'installer Yahoo!Toolbar tu décoche la case.
° Une fois, l'installation, fermes toutes tes applications.
°°°Réglage°°°:
° Ouvre "Ccleaner" vas dans l'onglet "Option" puis "Avancé" puis décoches "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" puis décoche la case "Demander pour sauvegarder les modifications du registre"
°°°Nettoyage°°°:
° Vas dans l'onglet "Nettoyeur" coche la case toute les case du sous-onglet "Avancé" puis fais "Analyse" puis "Lancer le nettoyage".
°°°Registre°°°:
° Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée". Tu refais tous ça 4-5 fois (le nettoyage et le registre).
°°°Désinstaller des programmes°°°
° Si tu souhaite supprimer des logiciel inutile, Ouvre "Ccleaner" va dans "Outils" et clique sur le logiciel que tu souhaite supprimer puis clique sur "Lancer la désinstallation". Puis repasse un coup de "Nettoyage" et de "Registre".
°°°Puis pour finir fais ceci°°°:
° Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
Télécharge Ccleaner sur ton bureau Lors de l'installation il te proposerons d'installer Yahoo!Toolbar tu décoche la case.
° Une fois, l'installation, fermes toutes tes applications.
°°°Réglage°°°:
° Ouvre "Ccleaner" vas dans l'onglet "Option" puis "Avancé" puis décoches "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" puis décoche la case "Demander pour sauvegarder les modifications du registre"
°°°Nettoyage°°°:
° Vas dans l'onglet "Nettoyeur" coche la case toute les case du sous-onglet "Avancé" puis fais "Analyse" puis "Lancer le nettoyage".
°°°Registre°°°:
° Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée". Tu refais tous ça 4-5 fois (le nettoyage et le registre).
°°°Désinstaller des programmes°°°
° Si tu souhaite supprimer des logiciel inutile, Ouvre "Ccleaner" va dans "Outils" et clique sur le logiciel que tu souhaite supprimer puis clique sur "Lancer la désinstallation". Puis repasse un coup de "Nettoyage" et de "Registre".
°°°Puis pour finir fais ceci°°°:
° Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
hack_net
Messages postés
783
Date d'inscription
lundi 5 mars 2007
Statut
Membre
Dernière intervention
5 juin 2014
51
24 juil. 2008 à 15:14
24 juil. 2008 à 15:14
C'est fait...
C'est enfin terminé (parceque je commence a en avoir marre de ce p*tin de virus...) ?
C'est enfin terminé (parceque je commence a en avoir marre de ce p*tin de virus...) ?
hack_net
Messages postés
783
Date d'inscription
lundi 5 mars 2007
Statut
Membre
Dernière intervention
5 juin 2014
51
24 juil. 2008 à 15:31
24 juil. 2008 à 15:31
Merci boy94450...
Vraiment sans toi je n'y serais jamais arrivé...
A+, et bonne continuation
Vraiment sans toi je n'y serais jamais arrivé...
A+, et bonne continuation
