Recurring SYSTEM32 problem

Closed
ToufLeOuf - Posts: 6 - Registered: Monday 9 July 2007 - Status: Member - Last activity: 13 July 2007 - 9 Jul 2007 at 14:25
ToufLeOuf - Posts: 6 - Registered: Monday 9 July 2007 - Status: Member - Last activity: 13 July 2007 - 9 Jul 2007 at 15:58
Hello,

I have a big recurring problem on my PC.
Every time I start my PC I get the following message:
D/\WINDOWS\System32\efyvjagv\dll
The PC is really slow, and it struggles when I'm on the internet (I have BitDefender v10, and I use FIREFOX to go on the internet).
I downloaded HijackThis and the report is as follows:

Logfile of HijackThis v1.99.1
Scan saved at 14:11:22, on 09/07/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Softwin\BitDefender10\bdmcon.exe
D:\Program Files\Softwin\BitDefender10\bdagent.exe
D:\Program Files\btbb_wcm\McciTrayApp.exe
D:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
D:\PROGRA~1\BTHOME~1\Help\SMARTB~1\BTHelpNotifier.exe
D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
D:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
D:\PROGRA~1\Yahoo!\browser\ycommon.exe
D:\WINDOWS\System32\algs.exe
G:\HP\HP Software Update\HPWuSchd2.exe
D:\WINDOWS\System32\fxbfnow.exe
D:\WINDOWS\System32\logon.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
G:\HP\Digital Imaging\bin\hpqtra08.exe
D:\WINDOWS\System32\inetsrv\inetinfo.exe
D:\Program Files\Google\Google Updater\GoogleUpdater.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\tcpsvcs.exe
D:\WINDOWS\System32\uuux.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
D:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
D:\Program Files\Softwin\BitDefender10\vsserv.exe
G:\HP\Digital Imaging\bin\hpqSTE08.exe
D:\WINDOWS\System32\wuauclt.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\SUPERT~1\LOCALS~1\Temp\Rar$EX01.171\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.lequipe.fr/Football/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - D:\WINDOWS\System32\tmp1C8.tmp.dll (file missing)
O2 - BHO: H - {2F1890C8-8727-4d35-9312-AFDB3A403E83} - mcacr.dll (file missing)
O2 - BHO: (no name) - {5ABFC025-B048-4A53-BAB4-5968973D3E25} - D:\WINDOWS\System32\ssqrs.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {60df2a0b-c878-4fe9-8343-0acf6a7ca672} - D:\WINDOWS\system32\atkmpr.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - D:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: (no name) - {674DDFA6-BB3D-427B-961F-E9EEEF293004} - D:\WINDOWS\System32\qomjijj.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BhoApp Class - {A817A945-ED4F-4e31-A874-2889FB7345E4} - D:\WINDOWS\System32\prxsmr.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - D:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [BDMCon] "D:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] D:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [YBrowser] D:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] D:\PROGRA~1\BTHOME~1\Help\SMARTB~1\BTHelpNotifier.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVMixerTray] "D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Application Layer Gateway Service] D:\WINDOWS\System32\algs.exe
O4 - HKLM\..\Run: [HP Software Update] G:\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Spooler SubSystem App] D:\WINDOWS\System32\spoolsvc.exe
O4 - HKLM\..\Run: [Advanced DHTML Enable] D:\WINDOWS\System32\uuux.exe
O4 - HKLM\..\Run: [Windows Logon Application] D:\WINDOWS\System32\logon.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "D:\WINDOWS\System32\efyvjagv.dll",forkonce
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] D:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [updateMgr] "D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = D:\Program Files\BT Home Hub\Help\bin\matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = G:\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = D:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: d:\windows\system32\vturrsp.dll
O20 - Winlogon Notify: atkmpr - D:\WINDOWS\SYSTEM32\atkmpr.dll
O20 - Winlogon Notify: qomjijj - D:\WINDOWS\SYSTEM32\qomjijj.dll
O20 - Winlogon Notify: ssqrs - D:\WINDOWS\System32\ssqrs.dll
O21 - SSODL: LDpswSend - {71EC5123-28DF-324A-D76B-32549AB4C338} - D:\WINDOWS\System32\Hgipbphb.dll (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: DomainService - Unknown owner - D:\Documents and Settings\supertouffian\Application Data\tmp1C5.tmp.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
O23 - Service: YPCService - Yahoo! Inc. - D:\WINDOWS\system32\YPCSER~1.EXE

After that they give me a result and tell me that I can delete certain files, but I wouldn't want to make a blunder....

HELP!

2 replies

lance_yien - Posts: 2751 - Registered: Wednesday 6 September 2006 - Status: Contributor - Last activity: 2 September 2007 - 257
9 Jul 2007 at 14:45
Hello,
In order:
>> click here http://komun.chez-alice.fr/Utilitaires.html , choose vundofix, do step 1°) of the procedure and post the generated report
>> click here http://komun.chez-alice.fr/Desinfection-Nettoyage.html and do the complete procedure
>> do the "scan avec bitdefender" (scan with BitDefender) here http://komun.chez-alice.fr/Utilitaires.html#scan_avec_bitdefender
See you later
0
ToufLeOuf - Posts: 6 - Registered: Monday 9 July 2007 - Status: Member - Last activity: 13 July 2007
9 Jul 2007 at 15:57
OK,
I have just done the Vundo scan, here is the report:

VundoFix V6.5.4

Checking Java version...

Scan started at 15:17:34 09/07/2007

Listing files found while scanning....

D:\WINDOWS\System32\efyvjagv.dll
D:\WINDOWS\System32\qomjijj.dll
D:\WINDOWS\System32\srqss.bak1
D:\WINDOWS\System32\srqss.bak2
D:\WINDOWS\System32\srqss.ini
D:\WINDOWS\System32\srqss.ini2
D:\WINDOWS\System32\srqss.tmp
D:\WINDOWS\System32\ssqrs.dll
D:\WINDOWS\System32\tmp1C8.tmp.dll
D:\WINDOWS\System32\vgajvyfe.ini
D:\WINDOWS\System32\vgajvyfe.ini2
D:\WINDOWS\System32\vgajvyfe.tmp

Beginning removal...

Attempting to delete D:\WINDOWS\System32\qomjijj.dll
D:\WINDOWS\System32\qomjijj.dll Could not be deleted.

Attempting to delete D:\WINDOWS\System32\srqss.bak1
D:\WINDOWS\System32\srqss.bak1 Has been deleted!

Attempting to delete D:\WINDOWS\System32\srqss.bak2
D:\WINDOWS\System32\srqss.bak2 Has been deleted!

Attempting to delete D:\WINDOWS\System32\srqss.ini
D:\WINDOWS\System32\srqss.ini Has been deleted!

Attempting to delete D:\WINDOWS\System32\srqss.ini2
D:\WINDOWS\System32\srqss.ini2 Has been deleted!

Attempting to delete D:\WINDOWS\System32\srqss.tmp
D:\WINDOWS\System32\srqss.tmp Has been deleted!

Attempting to delete D:\WINDOWS\System32\ssqrs.dll
D:\WINDOWS\System32\ssqrs.dll Could not be deleted.

Attempting to delete D:\WINDOWS\System32\vgajvyfe.ini
D:\WINDOWS\System32\vgajvyfe.ini Has been deleted!

Attempting to delete D:\WINDOWS\System32\vgajvyfe.ini2
D:\WINDOWS\System32\vgajvyfe.ini2 Has been deleted!

Attempting to delete D:\WINDOWS\System32\vgajvyfe.tmp
D:\WINDOWS\System32\vgajvyfe.tmp Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete D:\WINDOWS\System32\qomjijj.dll
D:\WINDOWS\System32\qomjijj.dll Could not be deleted.

Attempting to delete D:\WINDOWS\System32\ssqrs.dll
D:\WINDOWS\System32\ssqrs.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

I'm now going to do the rest of the procedure; is it looking good so far???

Also, when I restarted the PC, I got a blue-screen message saying "vidage de la memoire physique" (dumping physical memory) with a countdown....
Apparently, the problematic file is the following: smccs.sys

Thanks for your help
0