alkaone

merci bcp, il n'est plus la voila mon rapport SmitFraudFix v2.39 Rapport fait à 16:59:14,82, 04/05/2006 Executé à partir de C:\Documents and Settings\alka\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\system32\dcomcfg.exe supprimé C:\WINDOWS\system32\dxole32.exe supprimé C:\WINDOWS\system32\dvdcap.dll supprimé C:\WINDOWS\system32\hp????.tmp supprimé C:\WINDOWS\system32\simpole.tlb supprimé C:\WINDOWS\system32\stdole3.tlb supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Fin

voila il m'a donné ce rapport SmitFraudFix v2.39 Rapport fait à 15:41:36,64, 04/05/2006 Executé à partir de C:\Documents and Settings\alka\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\dcomcfg.exe PRESENT ! C:\WINDOWS\system32\dxole32.exe PRESENT ! C:\WINDOWS\system32\dvdcap.dll PRESENT ! C:\WINDOWS\system32\hp????.tmp PRESENT ! C:\WINDOWS\system32\simpole.tlb PRESENT ! C:\WINDOWS\system32\stdole3.tlb PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\alka\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{1C3B31AE-FD16-D2CE-43FF-DC4CD5C1BC5E}"="CD-DVD Device" [HKEY_CLASSES_ROOT\CLSID\{1C3B31AE-FD16-D2CE-43FF-DC4CD5C1BC5E}\InProcServer32] @="C:\WINDOWS\system32\dvdcap.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{1C3B31AE-FD16-D2CE-43FF-DC4CD5C1BC5E}\InProcServer32] @="C:\WINDOWS\system32\dvdcap.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin merci de m'aider

bonjours j'ai un probleme pour supprimer j'ai lu plusieur topic a ce sujet mais pas moyen d'aboutir a une solution. c'est pour cela que je me suis inscrit afin de trouver une aide aupres de vous... merci de m'aider voici un scan de hijackthis.... Logfile of HijackThis v1.99.1 Scan saved at 14:50:37, on 04/05/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\Ati2evxx.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\FIREWALL\PNMSRV.EXE C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wdfmgr.exe C:\WINDOWS\system32\dcomcfg.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HJK\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\system32\pavdr.exe,C:\WINDOWS\system32\userinit.exe, O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hpF6A4.tmp O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [E2SnEmUE] C:\WINDOWS\sqksmywu.exe O4 - HKLM\..\Run: [Á³# L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\sqksmywu.exe O4 - HKLM\..\Run: [HydraVisionViewport] C:\Program Files\ATI Technologies\ATI HydraVision\HydraMD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe" O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\Winsos\WINSOS.EXE" MINI O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: MA111 Configuration Utility.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ? O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ? O4 - Global Startup: Wireless Client Manager.lnk = ? O4 - Global Startup: Wireless Gestionnaire client.lnk = C:\Program Files\Wireless\Client Manager\CmAGS.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab O16 - DPF: Yahoo! Dominoes - http://download.games.yahoo.com/games/clients/y/dot8_x.cab O16 - DPF: Yahoo! Fleet - http://download.games.yahoo.com/games/clients/y/fltt3_x.cab O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt3_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1109870793326 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: wineil32 - wineil32.dll (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Fichiers communs\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - PANDA SOFTWARE - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\FIREWALL\PNMSRV.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe a plus