Troyens dans mon pc
Fermé
jul
-
20 févr. 2006 à 20:20
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 - 22 févr. 2006 à 16:01
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 - 22 févr. 2006 à 16:01
A voir également:
- Troyens dans mon pc
- Benchmark pc - Guide
- Mon pc rame que faire - Guide
- Mon pc s'allume mais ne démarre pas windows 10 - Guide
- Reinitialiser pc - Guide
- Whatsapp pc - Télécharger - Messagerie
5 réponses
Kristopher
Messages postés
3731
Date d'inscription
vendredi 18 novembre 2005
Statut
Contributeur
Dernière intervention
10 juillet 2009
105
20 févr. 2006 à 20:43
20 févr. 2006 à 20:43
Salut,
Pour commencer :
- Scanne ton PC avec cet antivirus en ligne :
http://www.bitdefender.com/scan8/ie.html
Clique sur "I Agree" et scanne tout le PC.
Copie/colle le rapport sur le forum.
Pense à accepter l'ActiveX bloqué par la barre anti-popup du SP2 (elle clignotera en haut).
Ensuite
- Télécharge HijackThis : http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/29061.html
- Installe le dans son propre dossier.
Par exemple, C:\HijackThis
Choisis l'option "do a scan and a logfile", il va te générer un rapport, copie et colle sur le forum.
Regarde la démo : http://pageperso.aol.fr/balltrap34/demohijack.htm
Bonne chance.
Pour commencer :
- Scanne ton PC avec cet antivirus en ligne :
http://www.bitdefender.com/scan8/ie.html
Clique sur "I Agree" et scanne tout le PC.
Copie/colle le rapport sur le forum.
Pense à accepter l'ActiveX bloqué par la barre anti-popup du SP2 (elle clignotera en haut).
Ensuite
- Télécharge HijackThis : http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/29061.html
- Installe le dans son propre dossier.
Par exemple, C:\HijackThis
Choisis l'option "do a scan and a logfile", il va te générer un rapport, copie et colle sur le forum.
Regarde la démo : http://pageperso.aol.fr/balltrap34/demohijack.htm
Bonne chance.
voila j'ai fait comme tu m'a dit j'ai fait un scan en ligne avec bitdefender je te met le rapport le voila:
C:\WINDOWS\system32\i
Infected with: Backdoor.BotGet.FtpB.Gen
C:\WINDOWS\system32\i
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1C7002FF.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\1C7002FF.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1C7002FF.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\7E5C245E.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\7E5C245E.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\7E5C245E.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1C742CFB.tmp=>(Quarantine-2)
Infected with: Trojan.Downloader.Ieax.A
C:\Program Files\Norton AntiVirus\Quarantine\1C742CFB.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1C742CFB.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\36794058.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\36794058.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\36794058.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\57420CE5.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\57420CE5.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\57420CE5.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\36A1382D.exe=>(Quarantine-2)
Infected with: Dropped:BAT.AutoDelete.A
C:\Program Files\Norton AntiVirus\Quarantine\36A1382D.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\36A1382D.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>GetAccess.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Dummy.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Installer.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Installer.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip
Update failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.cla=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.cla=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\57861DBC.cla=>(Quarantine-2)
Infected with: Trojan.Java.Classloader.Dummy.A
C:\Program Files\Norton AntiVirus\Quarantine\57861DBC.cla=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\57861DBC.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2D573042.cla=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\2D573042.cla=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2D573042.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1A450958.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\1A450958.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1A450958.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3DE27227.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\3DE27227.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3DE27227.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1A2904F5.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C
C:\Program Files\Norton AntiVirus\Quarantine\1A2904F5.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\16D75095.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D
C:\Program Files\Norton AntiVirus\Quarantine\16D75095.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1A2D2EF1.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\1A2D2EF1.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\014E03B9.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\014E03B9.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\014E03B9.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\40B51839.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\40B51839.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\40B51839.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\58810A0B.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\58810A0B.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\58810A0B.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\154E01CE.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\154E01CE.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\154E01CE.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\05440AC9.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C
C:\Program Files\Norton AntiVirus\Quarantine\05440AC9.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\160F6E66.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D
C:\Program Files\Norton AntiVirus\Quarantine\160F6E66.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\054734C6.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\054734C6.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2FE610E4.fr6=>(Quarantine-2)
Detected with: Adware.Iectr.A
C:\Program Files\Norton AntiVirus\Quarantine\2FE610E4.fr6=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2FE610E4.fr6=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\350810A3.wmf
Infected with: Exploit.Win32.WMF-PFV.D
C:\Program Files\Norton AntiVirus\Quarantine\350810A3.wmf
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\350810A3.wmf
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064625.dll
Detected with: Adware.Iectr.A
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064625.dll
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064625.dll
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064628.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064628.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064628.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0065625.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0065625.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0065625.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066625.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066625.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066625.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066641.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066641.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066641.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066685.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066685.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066685.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066690.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066690.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066690.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0067117.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0067117.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0067117.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068117.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068117.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068117.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068143.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068143.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068143.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069143.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069143.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069143.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069180.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069180.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069180.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP276\A0069238.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP276\A0069238.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP276\A0069238.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069254.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069254.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069254.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069279.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069279.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069279.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069298.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069298.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069298.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP282\A0069459.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP282\A0069459.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP282\A0069459.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069510.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069510.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069510.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069521.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069521.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069521.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069524.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069524.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069524.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069546.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069546.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069546.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069576.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069576.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069576.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0069588.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0069588.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0069588.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0070588.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0070588.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0070588.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071588.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071588.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071588.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071716.exe
Infected with: Trojan.Fakealert
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071716.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071716.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071721.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071721.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071721.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071753.exe=>(Quarantine-2)
Infected with: Dropped:BAT.AutoDelete.A
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071753.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071753.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071754.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071754.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071754.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071755.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071755.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071755.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071756.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071756.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071756.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071757.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071757.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071757.exe=>(Quarantine-2)
Deleted
maintenant je te met le log de hidjack this le voila:
Logfile of HijackThis v1.99.1
Scan saved at 16:48:34, on 21/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MegaSpoof\SuperMegaSpoof.exe
C:\Documents and Settings\Jul\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Jul\LOCALS~1\Temp\sp.dll/sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
j'espère tu arrivera à déchiffré
merci de ton aide
C:\WINDOWS\system32\i
Infected with: Backdoor.BotGet.FtpB.Gen
C:\WINDOWS\system32\i
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1C7002FF.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\1C7002FF.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1C7002FF.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\7E5C245E.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\7E5C245E.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\7E5C245E.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1C742CFB.tmp=>(Quarantine-2)
Infected with: Trojan.Downloader.Ieax.A
C:\Program Files\Norton AntiVirus\Quarantine\1C742CFB.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1C742CFB.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\36794058.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\36794058.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\36794058.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\57420CE5.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\57420CE5.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\57420CE5.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\36A1382D.exe=>(Quarantine-2)
Infected with: Dropped:BAT.AutoDelete.A
C:\Program Files\Norton AntiVirus\Quarantine\36A1382D.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\36A1382D.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>GetAccess.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Dummy.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Installer.class
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)=>Installer.class
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip=>(Quarantine-2)
Updated
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.zip
Update failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.cla=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.cla=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47367F7D.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\57861DBC.cla=>(Quarantine-2)
Infected with: Trojan.Java.Classloader.Dummy.A
C:\Program Files\Norton AntiVirus\Quarantine\57861DBC.cla=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\57861DBC.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2D573042.cla=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\2D573042.cla=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2D573042.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1A450958.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\1A450958.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1A450958.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3DE27227.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Binny.A
C:\Program Files\Norton AntiVirus\Quarantine\3DE27227.tmp=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3DE27227.tmp=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1A2904F5.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C
C:\Program Files\Norton AntiVirus\Quarantine\1A2904F5.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\16D75095.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D
C:\Program Files\Norton AntiVirus\Quarantine\16D75095.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1A2D2EF1.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\1A2D2EF1.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\014E03B9.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\014E03B9.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\014E03B9.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\40B51839.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\40B51839.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\40B51839.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\58810A0B.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\58810A0B.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\58810A0B.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\154E01CE.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\Program Files\Norton AntiVirus\Quarantine\154E01CE.exe=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\154E01CE.exe=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\05440AC9.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.C
C:\Program Files\Norton AntiVirus\Quarantine\05440AC9.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\160F6E66.cla=>(Quarantine-2)
Infected with: Trojan.Java.ClassLoader.D
C:\Program Files\Norton AntiVirus\Quarantine\160F6E66.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\054734C6.cla=>(Quarantine-2)
Infected with: Trojan.Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\054734C6.cla=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2FE610E4.fr6=>(Quarantine-2)
Detected with: Adware.Iectr.A
C:\Program Files\Norton AntiVirus\Quarantine\2FE610E4.fr6=>(Quarantine-2)
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2FE610E4.fr6=>(Quarantine-2)
Deleted
C:\Program Files\Norton AntiVirus\Quarantine\350810A3.wmf
Infected with: Exploit.Win32.WMF-PFV.D
C:\Program Files\Norton AntiVirus\Quarantine\350810A3.wmf
Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\350810A3.wmf
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064625.dll
Detected with: Adware.Iectr.A
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064625.dll
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064625.dll
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064628.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064628.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0064628.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0065625.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0065625.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0065625.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066625.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066625.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066625.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066641.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066641.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066641.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066685.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066685.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066685.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066690.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066690.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP274\A0066690.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0067117.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0067117.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0067117.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068117.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068117.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068117.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068143.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068143.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0068143.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069143.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069143.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069143.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069180.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069180.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP275\A0069180.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP276\A0069238.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP276\A0069238.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP276\A0069238.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069254.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069254.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069254.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069279.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069279.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069279.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069298.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069298.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP277\A0069298.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP282\A0069459.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP282\A0069459.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP282\A0069459.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069510.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069510.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069510.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069521.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069521.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069521.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069524.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069524.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069524.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069546.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069546.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069546.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069576.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069576.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP283\A0069576.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0069588.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0069588.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0069588.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0070588.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0070588.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0070588.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071588.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071588.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071588.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071716.exe
Infected with: Trojan.Fakealert
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071716.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071716.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071721.exe
Infected with: Trojan.Downloader.FFZ
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071721.exe
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP284\A0071721.exe
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071753.exe=>(Quarantine-2)
Infected with: Dropped:BAT.AutoDelete.A
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071753.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071753.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071754.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071754.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071754.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071755.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071755.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071755.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071756.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071756.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071756.exe=>(Quarantine-2)
Deleted
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071757.exe=>(Quarantine-2)
Infected with: Trojan.QDial.34
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071757.exe=>(Quarantine-2)
Disinfection failed
C:\System Volume Information\_restore{9C153807-097E-4C4D-A5E0-4C57C69569B6}\RP286\A0071757.exe=>(Quarantine-2)
Deleted
maintenant je te met le log de hidjack this le voila:
Logfile of HijackThis v1.99.1
Scan saved at 16:48:34, on 21/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MegaSpoof\SuperMegaSpoof.exe
C:\Documents and Settings\Jul\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Jul\LOCALS~1\Temp\sp.dll/sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
j'espère tu arrivera à déchiffré
merci de ton aide
Kristopher
Messages postés
3731
Date d'inscription
vendredi 18 novembre 2005
Statut
Contributeur
Dernière intervention
10 juillet 2009
105
21 févr. 2006 à 17:24
21 févr. 2006 à 17:24
Salut ;)
Ça te fait quelques infections en moins ;)
1/ Supprime les fichiers temporaires, en vidant tout le contenu des dossiers (en gras) suivant :
C:\Documents and Settings\ton compte\Local Settings\Temp
C:\Documents and Settings\tous les autres comptes\Local Settings\Temp
C:\Windows\Temp
+ Le contenu du dossier prefetch :
C:\WINDOWS\Prefetch <= sauf le fichier layout.ini
~~ N'oublie pas de vider la corbeille :D ~~
2/ Télécharge CCLEANER : http://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Installe le programme, nettoie ton PC et également le registre comme indiqué sur cette page :
Tutorial là : http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
3/ Quelques remarques :
- Connais tu ce programme :
C:\Program Files\MegaSpoof ?
- N'oublie pas de procéder aux mises à jour via Windows Update.
Good luck.
Ça te fait quelques infections en moins ;)
1/ Supprime les fichiers temporaires, en vidant tout le contenu des dossiers (en gras) suivant :
C:\Documents and Settings\ton compte\Local Settings\Temp
C:\Documents and Settings\tous les autres comptes\Local Settings\Temp
C:\Windows\Temp
+ Le contenu du dossier prefetch :
C:\WINDOWS\Prefetch <= sauf le fichier layout.ini
~~ N'oublie pas de vider la corbeille :D ~~
2/ Télécharge CCLEANER : http://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
Installe le programme, nettoie ton PC et également le registre comme indiqué sur cette page :
Tutorial là : http://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
3/ Quelques remarques :
- Connais tu ce programme :
C:\Program Files\MegaSpoof ?
- N'oublie pas de procéder aux mises à jour via Windows Update.
Good luck.
1/j'ai déja supprimer les fichiers temp + prefetch
2/J'ai déja aussi nettoyer avec ccleaner
3/je connais le logiciel megaspoof
Pour les maj windows update je crains qu'elle ne se fasse pas correctement j'ai l'icone en bas à droite de windows qunad je met ma souris dessus ca met telechargement des maj 15% met ca a l'air de bloquer c normal?
thanks
2/J'ai déja aussi nettoyer avec ccleaner
3/je connais le logiciel megaspoof
Pour les maj windows update je crains qu'elle ne se fasse pas correctement j'ai l'icone en bas à droite de windows qunad je met ma souris dessus ca met telechargement des maj 15% met ca a l'air de bloquer c normal?
thanks
Kristopher
Messages postés
3731
Date d'inscription
vendredi 18 novembre 2005
Statut
Contributeur
Dernière intervention
10 juillet 2009
105
21 févr. 2006 à 18:56
21 févr. 2006 à 18:56
Re,
Remets un nouveau log HijackThis.
Si non, pour les maj, je ne vois pas trop pourquoi elles se bloquent.
Ça s'est toujours passé comme ça ou c'est la première fois ?
++
Remets un nouveau log HijackThis.
Si non, pour les maj, je ne vois pas trop pourquoi elles se bloquent.
Ça s'est toujours passé comme ça ou c'est la première fois ?
++
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
salut
il me semble que ca se faisait tout de suite les maj de windows.
je te remet un log de hidjack this comme tu me l'as demandé le voici:
Logfile of HijackThis v1.99.1
Scan saved at 00:52:36, on 22/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Documents and Settings\Jul\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Jul\LOCALS~1\Temp\sp.dll/sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
et encore merci
il me semble que ca se faisait tout de suite les maj de windows.
je te remet un log de hidjack this comme tu me l'as demandé le voici:
Logfile of HijackThis v1.99.1
Scan saved at 00:52:36, on 22/02/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Documents and Settings\Jul\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com.tw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Jul\LOCALS~1\Temp\sp.dll/sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.free.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesfr.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
et encore merci
Kristopher
Messages postés
3731
Date d'inscription
vendredi 18 novembre 2005
Statut
Contributeur
Dernière intervention
10 juillet 2009
105
22 févr. 2006 à 13:41
22 févr. 2006 à 13:41
Salut,
Il y a toujours cette ligne qui me gêne :
On voit cela par rapport à R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Jul\LOCALS~1\Temp\sp.dll/sp.html
Essaie de nettoyer ton PC avec CleanUp! :
http://www.stevengould.org/software/cleanup/
++
Il y a toujours cette ligne qui me gêne :
On voit cela par rapport à R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Jul\LOCALS~1\Temp\sp.dll/sp.html
Essaie de nettoyer ton PC avec CleanUp! :
http://www.stevengould.org/software/cleanup/
++
Kristopher
Messages postés
3731
Date d'inscription
vendredi 18 novembre 2005
Statut
Contributeur
Dernière intervention
10 juillet 2009
105
22 févr. 2006 à 16:01
22 févr. 2006 à 16:01
Re,
Pour CleanUp40 :
Télécharge le à partir de ce lien :
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Démo d’utilisation :
http://pageperso.aol.fr/balltrap34/democleanup.htm
Nettoie ton PC conformément à la démo et remets un nouveau log HijackThis.
++
Pour CleanUp40 :
Télécharge le à partir de ce lien :
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Démo d’utilisation :
http://pageperso.aol.fr/balltrap34/democleanup.htm
Nettoie ton PC conformément à la démo et remets un nouveau log HijackThis.
++
