mo_mokha

bonsoir, j'ai procédé à la manip, voici le rapport: Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011 Fichier d'export Registre : Run by MOK at 20/02/2012 19:03:48 Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601) Web site : ZHPFix Fix de rapport Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com ========== Logiciel(s) ========== ABSENT Software Key: {86D4B82A-ABED-442A-BE86-96357B70F4FE} ========== Clé(s) du Registre ========== ABSENT Key: CLSID BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT Key: HKCU\Software\APN ABSENT Key: HKLM\Software\APN ABSENT Key: HKLM\Software\AskToolbar ABSENT Key: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL ABSENT Key: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd ABSENT Key: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 ABSENT Key: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} ABSENT Key: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} ABSENT Key: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ABSENT Key: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} ABSENT Key: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} ABSENT Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} ABSENT Key: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT Key: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT Key: HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF ABSENT Key: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF ========== Valeur(s) du Registre ========== ABSENT Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:ApnUpdater ABSENT {A83E3BDA-CA51-4A1E-A917-EED9BE31BA79} ABSENT {733983C6-3AC9-4CF0-B7B0-C806DA2791B9} ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : ========== Dossier(s) ========== ABSENT C:\Program Files\Ask.com SUPPRIME Flash Cookies: 4 SUPPRIME Temporaires Windows: : 10 ========== Fichier(s) ========== ABSENT File: c:\program files\ask.com ABSENT Folder/File: c:\program files\ask.com SUPPRIME Flash Cookies: 3 SUPPRIME Temporaires Windows: : 6 ========== Récapitulatif ========== 22 : Clé(s) du Registre 7 : Valeur(s) du Registre 3 : Dossier(s) 4 : Fichier(s) 1 : Logiciel(s) End of clean in 00mn 00s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 16/02/2012 20:04:45 [1084] C:\ZHP\ZHPFix[R2].txt - 19/02/2012 09:17:25 [627] C:\ZHP\ZHPFix[R3].txt - 19/02/2012 09:26:31 [3399] C:\ZHP\ZHPFix[R4].txt - 19/02/2012 09:34:04 [3481] C:\ZHP\ZHPFix[R5].txt - 19/02/2012 09:35:16 [3581] C:\ZHP\ZHPFix[R6].txt - 20/02/2012 19:00:35 [872] C:\ZHP\ZHPFix[R7].txt - 20/02/2012 19:01:24 [923] C:\ZHP\ZHPFix[R8].txt - 20/02/2012 19:03:48 [3636]

merci pour ta réponse rapide, Voici l'adresse du lien pour les rapports demandés.

Bonsoir à tous, Lorsque je lance "regedit" , j'ai une fenêtre qui me signale que Windows ne trouve pas regedit ! Alors , je me demande si c'est un virus qui bloque cette fonction ? Merci pour vos réponses.

Tout d'abord un grand merci Thanos. je poste le rapport: Malwarebytes' Anti-Malware 1.31 Version de la base de données: 1483 Windows 5.1.2600 Service Pack 2 10/12/2008 19:59:36 mbam-log-2008-12-10 (19-59-36).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 80204 Temps écoulé: 17 minute(s), 50 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 8 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 8 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ccbao (Adware.Navipromo.H) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fb6894ce-2abc-4ea2-9cb7-94dc32bfd995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{fb6894ce-2abc-4ea2-9cb7-94dc32bfd995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{fb6894ce-2abc-4ea2-9cb7-94dc32bfd995}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{fb6894ce-2abc-4ea2-9cb7-94dc32bfd995}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.141;85.255.112.15 -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Documents and Settings\GI\Local Settings\Application Data\ccbao_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\GI\Local Settings\Application Data\ccbao_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\GI\Local Settings\Application Data\ccbao.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\GI\Local Settings\Application Data\ccbao.exe (Adware.Navipromo.H) -> Delete on reboot. C:\WINDOWS\system32\msqpdxosvdnrsr.dll (Trojan.Agent) -> Delete on reboot. C:\WINDOWS\system32\drivers\msqpdxpaxtofxh.sys (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\msqpdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Quarantined and deleted successfully. Apparemment le logiciel a supprimé ces troyans. dis-moi ce que tu en penses et encore merci.

je crois avoir chopé 1 virus. je poste rapport hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:21:24, on 08/12/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Mixer.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\documents and settings\gi\local settings\application data\ccbao.exe C:\Program Files\DNA\btdna.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\lxcrcoms.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\GI\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ccbao] "c:\documents and settings\gi\local settings\application data\ccbao.exe" ccbao O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1217960713064 O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FB6894CE-2ABC-4EA2-9CB7-94DC32BFD995}: NameServer = 85.255.116.141;85.255.112.15 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.141;85.255.112.15 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.141;85.255.112.15 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe (file missing) -- End of file - 5933 bytes merci de votre aide.