

Everything posted by freeed

Antivir alert: HEUR/Malware
freeed replied to freeed's topic in Malware analysis and removal
For now, and since those steps, nothing to report. Thank you very much for your help!

Antivir alert: HEUR/Malware
freeed replied to freeed's topic in Malware analysis and removal
OK, thanks. I carried out the last operation requested, but I could not delete chxvvkys.dll since I did not find it. As for the AVG Anti-Spyware report, here it is:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 20:05:45 8/01/2007
+ Résultat de l'analyse:
C:\Program Files\Fichiers communs\{38A58AD6-09FD-2060-0105-051126020020}\Bar888.dll -> Adware.MaxSearch : Ignoré.
:mozilla.169:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.170:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.171:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.172:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.181:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Fred\Cookies\fred@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.26:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.27:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.22:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.23:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.24:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.25:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.213:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.43:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Fred\Cookies\fred@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Fred\Cookies\fred@bfast[1].txt -> TrackingCookie.Bfast : Nettoyé.
:mozilla.132:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.188:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.189:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.190:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.75:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.66:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.74:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.76:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.77:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.78:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Fred\Cookies\fred@linksynergy[2].txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.50:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Fred\Cookies\fred@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Nettoyé.
:mozilla.51:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.52:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.53:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.83:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.85:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.116:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.117:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.168:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.162:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.124:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.125:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.126:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.127:C:\Documents and Settings\Fred\Application Data\Mozilla\Firefox\Profiles\pf7bsu6o.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
______________________________________________________________________________________

Logfile of HijackThis v1.99.1
Scan saved at 20:17:59, on 8/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\themeGold55\CursorXP\CursorXP.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\RssReader\RssReader.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Fred\Bureau\scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Antivir alert: HEUR/Malware
freeed replied to freeed's topic in Malware analysis and removal
Here are the 2 reports:

Logfile of HijackThis v1.99.1
Scan saved at 19:11:46, on 8/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\themeGold55\CursorXP\CursorXP.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\RssReader\RssReader.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Fred\Bureau\scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\chxvvkys.dll",setvm
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
______________________________________________________________________________________

Antivir alert: HEUR/Malware
freeed replied to freeed's topic in Malware analysis and removal
Hello bibi26, and thank you for your reply. Below are the 2 reports:

VundoFix V6.2.13
Checking Java version...
Sun Java not detected
Scan started at 17:19:08 8/01/2007
Listing files found while scanning....
C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.bak1
C:\WINDOWS\System32\gfhkj.bak2
Beginning removal...
Attempting to delete C:\WINDOWS\System32\jkhfg.dll
C:\WINDOWS\System32\jkhfg.dll Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.ini
C:\WINDOWS\System32\gfhkj.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.bak1
C:\WINDOWS\System32\gfhkj.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\System32\gfhkj.bak2
C:\WINDOWS\System32\gfhkj.bak2 Has been deleted!
Performing Repairs to the registry.
Done!
____________________________________________________

Logfile of HijackThis v1.99.1
Scan saved at 17:26:09, on 8/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\themeGold55\CursorXP\CursorXP.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\RssReader\RssReader.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Fred\Bureau\scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {647972B3-CD67-4CB2-A4DA-FFF5DD20DED3} - C:\WINDOWS\System32\jkhfg.dll (file missing)
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\System32\wtggphfw.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\chxvvkys.dll",setvm
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winhdn32 - winhdn32.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

Hello everyone, and best wishes. For the past few days Antivir has been constantly reporting the presence of HEUR/Malware.
C:\WINDOWS\System32\jkhfg.dll
Quarantining it does not solve anything. I configured and ran an Antivir scan in safe mode, unfortunately without a positive result. Below is the HijackThis report. Thank you for your help.

----------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 16:27:00, on 8/01/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\themeGold55\CursorXP\CursorXP.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\RssReader\RssReader.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Fred\Bureau\scanner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {41FB9277-0C1E-4BBC-9049-33ECE27277AF} - C:\WINDOWS\System32\jkhfg.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\System32\wtggphfw.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\System32\chxvvkys.dll",setvm
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1168118779\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Fichiers communs\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA497} - https://activation.club-internet.fr/wizlet/...ntrols/root.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: jkhfg - C:\WINDOWS\System32\jkhfg.dll
O20 - Winlogon Notify: winhdn32 - winhdn32.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe