Aller au contenu

nowar23

Membres
  • Compteur de contenus

    2
  • Inscription

  • Dernière visite

nowar23's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Merci bcp pour l'aide que tu m'as apporté ! Voici le rapport : Logfile of HijackThis v1.99.1 Scan saved at 23:58:14, on 17/05/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: D:\WINNT\System32\smss.exe D:\WINNT\system32\winlogon.exe D:\WINNT\system32\services.exe D:\WINNT\system32\lsass.exe D:\WINNT\system32\svchost.exe D:\WINNT\system32\spoolsv.exe D:\WINNT\system32\drivers\CDAC11BA.EXE D:\WINNT\System32\svchost.exe D:\WINNT\system32\nvsvc32.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv50.exe D:\WINNT\system32\regsvc.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE D:\WINNT\system32\MSTask.exe D:\WINNT\system32\stisvc.exe D:\WINNT\System32\WBEM\WinMgmt.exe D:\WINNT\system32\svchost.exe D:\WINNT\Explorer.EXE D:\WINNT\SOUNDMAN.EXE C:\PROGRA~1\Wanadoo\CnxMon.exe D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE D:\WINNT\system32\dslagent.exe D:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe D:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE D:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe D:\WINNT\system32\CleanMgr.exe D:\Program Files\Skype\Phone\Skype.exe D:\Program Files\MSN Messenger\msnmsgr.exe D:\Program Files\Internet Explorer\IEXPLORE.EXE E:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [EM_EXEC] D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINNT\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "D:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [Register MediaRing Talk] D:\Program Files\MediaRing Talk\register.exe O4 - HKLM\..\Run: [msnappau] "D:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sCANINICIO] "D:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe" O4 - HKLM\..\Run: [APVXDWIN] "D:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s O4 - HKCU\..\Run: [neufbox_reminder] "D:\Program Files\Kit ADSL\Wizard\PostInstall_Checker.exe" -r O4 - HKCU\..\Run: [steam] E:\Jeux\Cs2\Steam.exe -silent O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.tf1.fr/activex/zylomgamesplayer.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BEBFF974-3236-4A50-9842-FAAD708F6ADB}: NameServer = 80.118.192.100 80.118.196.36 O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINNT\system32\drivers\CDAC11BA.EXE O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - D:\WINNT\System32\dmadmin.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINNT\system32\nvsvc32.exe O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - D:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - D:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv50.exe
  2. Bonjour, je rencontre un pb avec le virus "click me". Avec le peu de connaisance que j'ai en ce domaine mon pc sera capable de voler avant que j'ai pu regler le problème. J'ai téléchargé "hijackthis" et fait "Do a system scan" comme j'ai pu le voir sur d'autre post et qui donne ceci : Logfile of HijackThis v1.99.1 Scan saved at 15:50:26, on 17/05/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: D:\WINNT\System32\smss.exe D:\WINNT\system32\winlogon.exe D:\WINNT\system32\services.exe D:\WINNT\system32\lsass.exe D:\WINNT\system32\svchost.exe D:\WINNT\system32\spoolsv.exe D:\WINNT\system32\drivers\CDAC11BA.EXE D:\WINNT\System32\svchost.exe D:\WINNT\system32\nvsvc32.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv50.exe D:\WINNT\system32\regsvc.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE D:\WINNT\system32\MSTask.exe D:\WINNT\system32\stisvc.exe D:\WINNT\System32\WBEM\WinMgmt.exe D:\WINNT\system32\svchost.exe D:\WINNT\Explorer.EXE D:\WINNT\SOUNDMAN.EXE C:\PROGRA~1\Wanadoo\CnxMon.exe D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE D:\WINNT\system32\dslagent.exe D:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe D:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE D:\WINNT\system32\msnxmsgrsc.exe D:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe D:\WINNT\System32\svchost.exe D:\Program Files\MSN Messenger\msnmsgr.exe D:\Program Files\Internet Explorer\IEXPLORE.EXE E:\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing) O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - D:\WINNT\EliteToolBar\EliteToolBar version 60.dll O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - D:\WINNT\EliteSideBar\EliteSideBar 08.dll O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - D:\WINNT\EliteToolBar\EliteToolBar version 60.dll O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe O4 - HKLM\..\Run: [EM_EXEC] D:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINNT\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [w0ndz] D:\WINNT\system32\f4k3\kolder.exe D:\WINNT\system32\f4k3\dirote.exe O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "D:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe" O4 - HKLM\..\Run: [Register MediaRing Talk] D:\Program Files\MediaRing Talk\register.exe O4 - HKLM\..\Run: [msnappau] "D:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [checkrun] D:\winnt\system32\eliterzz32.exe O4 - HKLM\..\Run: [HELPER] D:\WINNT\system32\france.exe -N O4 - HKLM\..\Run: [sCANINICIO] "D:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe" O4 - HKLM\..\Run: [APVXDWIN] "D:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s O4 - HKLM\..\RunServices: [strmsnmgrs] msnxmsgrsc.exe O4 - HKCU\..\Run: [neufbox_reminder] "D:\Program Files\Kit ADSL\Wizard\PostInstall_Checker.exe" -r O4 - HKCU\..\Run: [steam] E:\Jeux\Cs2\Steam.exe -silent O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [strmsnmgrs] msnxmsgrsc.exe O4 - Startup: Enregistrement d'un produit Joint Operations Typhoon Rising.lnk = D:\Documents and Settings\No w@r\Local Settings\Temp\{DEC3C4CD-D99F-4BF5-8B2F-E8021590E521}\{0325F1C1-883A-41AB-8981-B27359ABDFAF}\NOVG.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure...teleir_cert.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.tf1.fr/activex/zylomgamesplayer.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BEBFF974-3236-4A50-9842-FAAD708F6ADB}: NameServer = 80.118.192.100 80.118.196.36 O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINNT\system32\drivers\CDAC11BA.EXE O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - D:\WINNT\System32\dmadmin.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINNT\system32\nvsvc32.exe O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - D:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - D:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv50.exe Svp, j'aimerai une aide pour degager ce virus de mon pc. Merci d'avance ! :oD
×
×
  • Créer...