stimolol

bien le bonjour ... voila comme precise ds le titre des amis font afce a ce probleme sans pouvoir joindre 9 telecom... auriez-vous la solution ? merci d avance

Logfile of HijackThis v1.99.1 Scan saved at 15:08:58, on 08/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\system32\spoolsv.exe E:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe E:\WINDOWS\Mixer.exe E:\Program Files\Java\jre1.5.0_07\bin\jusched.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Messenger\msmsgs.exe E:\Program Files\MSN Messenger\MsnMsgr.Exe E:\Program Files\Zilla Popup Killer\ZillaPop.exe E:\Program Files\Logitech\SetPoint\SetPoint.exe E:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe E:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE E:\Program Files\AntiVir PersonalEdition Classic\sched.exe E:\Program Files\AntiVir PersonalEdition Classic\avguard.exe E:\WINDOWS\System32\nvsvc32.exe E:\WINDOWS\system32\ZoneLabs\vsmon.exe E:\Program Files\Mozilla Firefox\firefox.exe E:\Program Files\hijackthis\hijackthis_hijackthis_1.99.1_anglais_17891.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: CookieHlprObj Class - {4DF1DB24-A57C-11d3-A180-00A0C90AE44B} - E:\Program Files\Zilla Popup Killer\ZillaBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avgnt] "E:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Zilla Popup Killer] E:\Program Files\Zilla Popup Killer\ZillaPop.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O4 - Global Startup: SATARaid.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://E:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://E:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://E:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1148053771940 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - E:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe voila mon dernier rapport et ke dire sinon encore merci tornado ps je suis encore infecte vu ke antivir detect plusieur virus antivir et mon antivirus "principal" et jespere ke le fire de windows suffit en attente d une reponse merci encore

SmitFraudFix v2.54 Rapport fait à 17:52:47,40, 05/06/2006 Executé à partir de E:\Program Files\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{5bc82bdb-bc03-4671-9a78-3ef2b68449de}"="advisability" [HKEY_CLASSES_ROOT\CLSID\{5bc82bdb-bc03-4671-9a78-3ef2b68449de}\InProcServer32] @="E:\WINDOWS\System32\oqipt.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{5bc82bdb-bc03-4671-9a78-3ef2b68449de}\InProcServer32] @="E:\WINDOWS\System32\oqipt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{a0c51615-738a-4542-801a-5af61614e182}"="bedimples" [HKEY_CLASSES_ROOT\CLSID\{a0c51615-738a-4542-801a-5af61614e182}\InProcServer32] @="E:\WINDOWS\system32\higjxe.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{a0c51615-738a-4542-801a-5af61614e182}\InProcServer32] @="E:\WINDOWS\system32\higjxe.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{62eb0924-19d2-4226-b4b9-8ad1f70904c1}"="bronchovascular" [HKEY_CLASSES_ROOT\CLSID\{62eb0924-19d2-4226-b4b9-8ad1f70904c1}\InProcServer32] @="E:\WINDOWS\system32\hvnwm.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{62eb0924-19d2-4226-b4b9-8ad1f70904c1}\InProcServer32] @="E:\WINDOWS\system32\hvnwm.dll" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés E:\WINDOWS\system32\atmclk.exe supprimé E:\WINDOWS\system32\dcomcfg.exe supprimé E:\WINDOWS\system32\hp???.tmp supprimé E:\WINDOWS\system32\ot.ico supprimé E:\WINDOWS\system32\simpole.tlb supprimé E:\WINDOWS\system32\stdole3.tlb supprimé E:\WINDOWS\system32\ts.ico supprimé E:\WINDOWS\system32\1024\ supprimé E:\DOCUME~1\stimo\Favoris\Antivirus Test Online.url supprimé »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri E:\WINDOWS\System32\oqipt.dll -> Missing File E:\WINDOWS\system32\higjxe.dll -> Missing File re tornado voila je crois ke tt est fait je te laisses en juger et ui je n ai plus de fond d'ecran est ce ke c normale ? E:\WINDOWS\system32\hvnwm.dll -> Missing File »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin encore un chtit merci pour ton aide

merci tornado et voila le second rapport SmitFraudFix v2.54 Rapport fait à 16:37:06,23, 05/06/2006 Executé à partir de E:\x\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» E:\ »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32 E:\WINDOWS\system32\atmclk.exe PRESENT ! E:\WINDOWS\system32\dcomcfg.exe PRESENT ! E:\WINDOWS\system32\hp???.tmp PRESENT ! E:\WINDOWS\system32\hp????.tmp PRESENT ! E:\WINDOWS\system32\ot.ico PRESENT ! E:\WINDOWS\system32\simpole.tlb PRESENT ! E:\WINDOWS\system32\stdole3.tlb PRESENT ! E:\WINDOWS\system32\ts.ico PRESENT ! E:\WINDOWS\system32\1024\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\stimo\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» E:\DOCUME~1\stimo\Favoris E:\DOCUME~1\stimo\Favoris\Antivirus Test Online.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» E:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{5bc82bdb-bc03-4671-9a78-3ef2b68449de}"="advisability" [HKEY_CLASSES_ROOT\CLSID\{5bc82bdb-bc03-4671-9a78-3ef2b68449de}\InProcServer32] @="E:\WINDOWS\System32\oqipt.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{5bc82bdb-bc03-4671-9a78-3ef2b68449de}\InProcServer32] @="E:\WINDOWS\System32\oqipt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{a0c51615-738a-4542-801a-5af61614e182}"="bedimples" [HKEY_CLASSES_ROOT\CLSID\{a0c51615-738a-4542-801a-5af61614e182}\InProcServer32] @="E:\WINDOWS\system32\higjxe.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{a0c51615-738a-4542-801a-5af61614e182}\InProcServer32] @="E:\WINDOWS\system32\higjxe.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{62eb0924-19d2-4226-b4b9-8ad1f70904c1}"="bronchovascular" [HKEY_CLASSES_ROOT\CLSID\{62eb0924-19d2-4226-b4b9-8ad1f70904c1}\InProcServer32] @="E:\WINDOWS\system32\hvnwm.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{62eb0924-19d2-4226-b4b9-8ad1f70904c1}\InProcServer32] @="E:\WINDOWS\system32\hvnwm.dll" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

bonjour et merci d avance pour votre aide! Logfile of HijackThis v1.99.1 Scan saved at 13:49:19, on 05/06/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\system32\dcomcfg.exe E:\WINDOWS\system32\atmclk.exe E:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe E:\Program Files\Java\jre1.5.0_07\bin\jusched.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Messenger\msmsgs.exe E:\Program Files\AntiVir PersonalEdition Classic\sched.exe E:\Program Files\AntiVir PersonalEdition Classic\avguard.exe E:\WINDOWS\System32\nvsvc32.exe E:\WINDOWS\system32\ZoneLabs\vsmon.exe E:\WINDOWS\system32\wuauclt.exe E:\Program Files\Windows NT\Accessoires\WORDPAD.EXE E:\Documents and Settings\stimo\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F3 - REG:win.ini: run= O2 - BHO: CookieHlprObj Class - {4DF1DB24-A57C-11d3-A180-00A0C90AE44B} - E:\Program Files\Zilla Popup Killer\ZillaBHO.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Nothing - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - E:\WINDOWS\system32\hp100.tmp O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Nothing - {f79fd28e-36ee-4989-aa61-9dd8e30a82fa} - E:\WINDOWS\system32\hp100.tmp O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avgnt] "E:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [Zone Labs Client] E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_07\bin\jusched.exe O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Zilla Popup Killer] E:\Program Files\Zilla Popup Killer\ZillaPop.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O4 - Global Startup: SATARaid.lnk = ? O8 - Extra context menu item: &Traduire à partir de l'anglais - res://E:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://E:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://E:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1148053771940 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - E:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - E:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe