sid70
Membres-
Compteur de contenus
2 -
Inscription
-
Dernière visite
sid70's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
Salut, cela veut veux dire que je dois recommencer le prcedure? tu vois ce que j'ai fait jusqu'a present. je pense que c'est le meme que le tien. merci bien
-
Salut , j'ai besoin de votre aide, car j'ai ce Antivirus gold sur mon pc, j'ai suivi des conseils de collegues allmands: cd\ cd %windir%\system32 dir /a:-d /o:-d > %systemdrive%\system32.txt start %systemdrive%\system32.txt cls exit cd\ cd %temp%\ dir /a:-d /o:-d > %systemdrive%\systemtemp.txt start %systemdrive%\systemtemp.txt cls exit cd\ cd %windir% dir /a:-d /o:-d > %systemdrive%\system.txt start %systemdrive%\system.txt cls exit cd\ dir /a:-d /o:-d > %systemdrive%\sys.txt start %systemdrive%\sys.txt cls exit Pfind http://www.bleepingcomputer.com/files/pfind.php C:\Pfind -- klicker pfind.bat apres le Scan -- C:\pfind.txt -- kopier/coller Silentrunners http://nikita.eddys-domain.de/silentrunner.html klicke: output file is in text format. -- Double klick Editor. HijackThis http://nikita.eddys-domain.de/hjtkurz.html telecharger -->None of the above, just start the program --> Save--> Savelog -->es öffnet sich der Editor --> oder: Do a system scan and save a logfile --> Save--> Savelog puis telecharger le Killbox, et rebooter le system. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::: maintenat l'ecran est devenu blanc, mais je ne peux restaurer mon background. un nouveau problem c'est que je n'arrive plus a demarer en safe mode. et voila le Logfile: Logfile of HijackThis v1.99.1 Scan saved at 11:30:54, on 09.07.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe C:\Programme\Messenger\msmsgs.exe C:\PROGRA~1\Ahead\NEROPH~1\data\xtras\mssysmgr.exe C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programme\ArcorOnline\Arcor.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\system32\cidaemon.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\MakroMarkt\Lokale Einstellungen\Temp\Temporäres Verzeichnis 7 für hijackthis.zip\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Class - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\adddy32.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O4 - HKLM\..\Run: [invalidDelete] C:\DOKUME~1\MAKROM~1\LOKALE~1\Temp\KYE\Setup.exe /Delete C:\Programme\Genius NetScroll+ Mini Traveler Mouse O4 - HKLM\..\Run: [iexplore.exe] C:\Programme\Internet Explorer\iexplore.exe O4 - HKLM\..\Run: [NAVNet] "C:\DOKUME~1\MAKROM~1\LOKALE~1\Temp\170.tmp" /m O4 - HKLM\..\Run: [Windows Monitor] winmon.exe O4 - HKLM\..\Run: [Window Monitor] winmon32.exe O4 - HKLM\..\Run: [update run dos] logon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\RunServices: [Windows Nets] NETbnc.exe O4 - HKLM\..\RunServices: [CRC Value Verifier] svchost32.exe O4 - HKLM\..\RunServices: [system manager] system.exe O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe O4 - HKLM\..\RunServices: [update run dos] logon.exe O4 - HKLM\..\RunServices: [NDIS Adapter] lsass2.exe O4 - HKLM\..\RunServices: [Windows Monitor] winmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\xtras\mssysmgr.exe O4 - HKCU\..\Run: [Window Monitor] winmon32.exe O4 - HKCU\..\Run: [update run dos] logon.exe O4 - HKCU\..\Run: [NDIS Adapter] lsass2.exe O4 - HKCU\..\Run: [Windows Monitor] winmon.exe O4 - HKCU\..\Run: [system manager] system.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [intel system tool] C:\WINDOWS\System32\hookdump.exe O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe O4 - HKCU\..\RunServices: [Windows Monitor] winmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Programme\B\ReminderIE.exe (file missing) O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: eBay Homepage - {D4951B60-8FF9-4813-B716-FF3E75386E74} - http://www.preispiraten.de/cgi-bin/e/track...p://www.ebay.de (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.LionElectronics.de O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0377b1a8fca7d6...RdxIE601_de.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/a...zylomloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FDC07012-1CB1-4279-B330-2A6132A1DCA9}: NameServer = 195.50.140.252 145.253.2.81 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\d3lk32.exe (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Srv32 - Unknown owner - C:\WINDOWS\system32\srv32.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe :::::::::::::::::::::::::::::::::::::::::::::::::::: merci bien sid