Configuration: Windows XP Internet Explorer 7.0
Hi,

Fix:

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://fr.systemdoctor.com/download/2006/cab/SystemDoctor2006FreeInstall_fr.cab
O23 - Service: AEServ - Unknown owner - C:\WINDOWS\system32\AEServEx.exe (file missing)

--------------------------------

THEN

Download http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe to your Desktop and run it.
Make sure the "Unregister Dll's and Ocx's" box is checked.
Copy and paste the lines below into the blue OTMoveIt box named Paste Standard List of Files/Folders to move.

C:\WINDOWS\system32\userinit.exe

Click MoveIt! to start the removal.
If OTMoveIt offers to restart your PC, accept!
When a result appears in the Results pane, click Exit.
In your next reply, post the OTMoveIt report located in C:\_OTMoveIt\MovedFiles.

-----------------------------

THEN

Run an online scan with Internet Explorer; if you have Firefox, do: Start -> Run -> type: iexplore (then confirm) (check all the boxes each time): http://www.eset-nod32.fr/scanner.html
When it finishes, paste the report: C:\Program Files\EsetOnlineScanner\log.txt
If you need help, there is a tutorial here: http://bibou0007.com/tutos-et-lexique-f45/tutorial-nod32-online-scanner-t128.htm
|
Follow his advice carefully!
|
Thank you for your help, it took a very long time but it had to be done:
The report:

Item C:\WINDOWS\system32\userinit.exe is whitelisted and cannot be moved.
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03232008_145849

The online scan report:
|
ok ok...
Be careful what you download on eMule; judging by the report there were plenty of viruses. Run HijackThis again.
|
Here is my status after the scans (it works a little better, but I don't know if anything else is left)
Thanks.

The HijackThis report:

The BitDefender report:
|
Thanks everyone, it's OK.
Results for display/machine response very slow