sid70

Salut, cela veut veux dire que je dois recommencer le prcedure? tu vois ce que j'ai fait jusqu'a present. je pense que c'est le meme que le tien. merci bien

Salut , j'ai besoin de votre aide, car j'ai ce Antivirus gold sur mon pc, j'ai suivi des conseils de collegues allmands: cd\ cd %windir%\system32 dir /a:-d /o:-d > %systemdrive%\system32.txt start %systemdrive%\system32.txt cls exit cd\ cd %temp%\ dir /a:-d /o:-d > %systemdrive%\systemtemp.txt start %systemdrive%\systemtemp.txt cls exit cd\ cd %windir% dir /a:-d /o:-d > %systemdrive%\system.txt start %systemdrive%\system.txt cls exit cd\ dir /a:-d /o:-d > %systemdrive%\sys.txt start %systemdrive%\sys.txt cls exit Pfind http://www.bleepingcomputer.com/files/pfind.php C:\Pfind -- klicker pfind.bat apres le Scan -- C:\pfind.txt -- kopier/coller Silentrunners http://nikita.eddys-domain.de/silentrunner.html klicke: output file is in text format. -- Double klick Editor. HijackThis http://nikita.eddys-domain.de/hjtkurz.html telecharger -->None of the above, just start the program --> Save--> Savelog -->es öffnet sich der Editor --> oder: Do a system scan and save a logfile --> Save--> Savelog puis telecharger le Killbox, et rebooter le system. ::::::::::::::::::::::::::::::::::::::::::::::::::::::::: maintenat l'ecran est devenu blanc, mais je ne peux restaurer mon background. un nouveau problem c'est que je n'arrive plus a demarer en safe mode. et voila le Logfile: Logfile of HijackThis v1.99.1 Scan saved at 11:30:54, on 09.07.2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe C:\Programme\Messenger\msmsgs.exe C:\PROGRA~1\Ahead\NEROPH~1\data\xtras\mssysmgr.exe C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programme\ArcorOnline\Arcor.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\system32\cidaemon.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\MakroMarkt\Lokale Einstellungen\Temp\Temporäres Verzeichnis 7 für hijackthis.zip\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Class - {8F847879-40F7-B232-AEC5-D3214B36C965} - C:\WINDOWS\adddy32.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O4 - HKLM\..\Run: [invalidDelete] C:\DOKUME~1\MAKROM~1\LOKALE~1\Temp\KYE\Setup.exe /Delete C:\Programme\Genius NetScroll+ Mini Traveler Mouse O4 - HKLM\..\Run: [iexplore.exe] C:\Programme\Internet Explorer\iexplore.exe O4 - HKLM\..\Run: [NAVNet] "C:\DOKUME~1\MAKROM~1\LOKALE~1\Temp\170.tmp" /m O4 - HKLM\..\Run: [Windows Monitor] winmon.exe O4 - HKLM\..\Run: [Window Monitor] winmon32.exe O4 - HKLM\..\Run: [update run dos] logon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\RunServices: [Windows Nets] NETbnc.exe O4 - HKLM\..\RunServices: [CRC Value Verifier] svchost32.exe O4 - HKLM\..\RunServices: [system manager] system.exe O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe O4 - HKLM\..\RunServices: [update run dos] logon.exe O4 - HKLM\..\RunServices: [NDIS Adapter] lsass2.exe O4 - HKLM\..\RunServices: [Windows Monitor] winmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\xtras\mssysmgr.exe O4 - HKCU\..\Run: [Window Monitor] winmon32.exe O4 - HKCU\..\Run: [update run dos] logon.exe O4 - HKCU\..\Run: [NDIS Adapter] lsass2.exe O4 - HKCU\..\Run: [Windows Monitor] winmon.exe O4 - HKCU\..\Run: [system manager] system.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [intel system tool] C:\WINDOWS\System32\hookdump.exe O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe O4 - HKCU\..\RunServices: [Windows Monitor] winmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Programme\B\ReminderIE.exe (file missing) O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: eBay Homepage - {D4951B60-8FF9-4813-B716-FF3E75386E74} - http://www.preispiraten.de/cgi-bin/e/track...p://www.ebay.de (file missing) O14 - IERESET.INF: START_PAGE_URL=http://www.LionElectronics.de O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0377b1a8fca7d6...RdxIE601_de.cab O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/a...zylomloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FDC07012-1CB1-4279-B330-2A6132A1DCA9}: NameServer = 195.50.140.252 145.253.2.81 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\d3lk32.exe (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Srv32 - Unknown owner - C:\WINDOWS\system32\srv32.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe :::::::::::::::::::::::::::::::::::::::::::::::::::: merci bien sid