mn pc redémarr tt seul meme si il es pa connecté a internet

[le patron]

salut,

 

j'arrive pas a fair d'analyse avec panda antivirus...

 

g fais une nouvelle analyse HijackThis

 

voila le rapport:

 

Logfile of HijackThis v1.99.1

Scan saved at 21:30:11, on 18/01/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\ALCMTR.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\PHILIP~1\VProperty.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\MSI\BToes Logiciel Bluetooth\BTTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\wuauclt.exe

c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Documents and Settings\MaDiNiNa_972\Bureau\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {371EE1EF-F177-1390-7807-08525DC0E55C} - C:\WINDOWS\system32\nweipeg.dll (file missing)

O2 - BHO: (no name) - {3C4E691E-50E0-4163-8E94-37F72E994272} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Download With SpeedNet - C:\PROGRA~1\SPEEDN~1.1TR\download.htm

O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FCC6FBB-F7E2-48D8-8A84-428AA0A140A1}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{59109CAE-9139-4E00-A1F9-6546F986E828}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{6662F33C-6C5E-4E25-B770-2ED1CABEF77B}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{8E98EB39-06E7-405E-8C45-605C054958B8}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{F42967C2-21F9-4493-AC16-281481782BD6}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.43 85.255.112.145

O17 - HKLM\System\CS1\Services\Tcpip\..\{0FCC6FBB-F7E2-48D8-8A84-428AA0A140A1}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.43 85.255.112.145

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

[narco4]

Salut,

 

Télécharge FixWareout LonnyRJones de d'un de ces deux sites sur le bureau:

http://downloads.subratam.org/Fixwareout.exe

http://swandog46.geekstogo.com/Fixwareout.exe

 

Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.

Le fix va commencer, suis les messages à l'écran. Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.

Au final, poste le contenu de C:\fixwareout\report.txt avec un nouveau rapport HiJackThis.

[le patron]

voila le rapport de fixwareout:

Fixwareout

Last edited 1/1/2006

Post this report in the forums please

...

Prerun check

»»»»» HKLM run and Winlogon System values

»»»»» System restarted

...

Reg Entries that were deleted

...

Random Runs removed from HKLM

...

 

PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

 

»»»»» Searching by size/names...

 

»»»»»

Search five digit cs, dm kd and jb files.

This WILL/CAN also list Legit Files, Submit them at Virustotal

 

Other suspects.

 

»»»»» Misc files.

 

»»»»» Checking for older varients covered by the Rem3 tool.

 

»»»»» Postrun check

»»»»» HKLM run

»»»»» Winlogon System value

"system"=""

»»»»»

[le patron]

et un le rapport HijackThis:Logfile of HijackThis v1.99.1

Scan saved at 09:46:30, on 19/01/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\ALCMTR.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\PHILIP~1\VProperty.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\MaDiNiNa_972\Bureau\HijackThis.exe

C:\Program Files\MSI\BToes Logiciel Bluetooth\BTTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {371EE1EF-F177-1390-7807-08525DC0E55C} - C:\WINDOWS\system32\nweipeg.dll (file missing)

O2 - BHO: (no name) - {3C4E691E-50E0-4163-8E94-37F72E994272} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Download With SpeedNet - C:\PROGRA~1\SPEEDN~1.1TR\download.htm

O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FCC6FBB-F7E2-48D8-8A84-428AA0A140A1}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{59109CAE-9139-4E00-A1F9-6546F986E828}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{6662F33C-6C5E-4E25-B770-2ED1CABEF77B}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{8E98EB39-06E7-405E-8C45-605C054958B8}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{F42967C2-21F9-4493-AC16-281481782BD6}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.43 85.255.112.145

O17 - HKLM\System\CS1\Services\Tcpip\..\{0FCC6FBB-F7E2-48D8-8A84-428AA0A140A1}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.43 85.255.112.145

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

[narco4]

Re,

 

Déconnecte toi d'internet!

 

Lance hijackthis do a system scan only

coche ces lignes uniquement

 

 

O2 - BHO: (no name) - {371EE1EF-F177-1390-7807-08525DC0E55C} - C:\WINDOWS\system32\nweipeg.dll (file missing)

O2 - BHO: (no name) - {3C4E691E-50E0-4163-8E94-37F72E994272} - (no file)

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FCC6FBB-F7E2-48D8-8A84-428AA0A140A1}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{59109CAE-9139-4E00-A1F9-6546F986E828}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{6662F33C-6C5E-4E25-B770-2ED1CABEF77B}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{8E98EB39-06E7-405E-8C45-605C054958B8}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\..\{F42967C2-21F9-4493-AC16-281481782BD6}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.43 85.255.112.145

O17 - HKLM\System\CS1\Services\Tcpip\..\{0FCC6FBB-F7E2-48D8-8A84-428AA0A140A1}: NameServer = 85.255.116.43,85.255.112.145

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.43 85.255.112.145

 

Clique sur fix checked

 

Poste un nouveau rapport hijackthis!

[le patron]

Voila le nouveau rapport HijackThis:

 

Logfile of HijackThis v1.99.1

Scan saved at 16:25:53, on 21/01/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\ALCMTR.EXE

C:\HP\KBD\KBD.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\PHILIP~1\VProperty.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\MSI\BToes Logiciel Bluetooth\BTTray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\ALCMTR.EXE

C:\WINDOWS\system32\rundll32.exe

C:\HP\KBD\KBD.EXE

C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

C:\WINDOWS\system32\rundll32.exe

C:\PROGRA~1\PHILIP~1\VProperty.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSI\BToes Logiciel Bluetooth\BTTray.exe

C:\Program Files\Microsoft Office\Office10\WINWORD.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\MaDiNiNa_972\Bureau\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [ToUcamVProperty] C:\PROGRA~1\PHILIP~1\VProperty.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Download With SpeedNet - C:\PROGRA~1\SPEEDN~1.1TR\download.htm

O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm

O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

[narco4]

Salut,

 

 

- Télécharge et installe AVG Anti-Spyware - Tutorial : http://www.malekal.com/tutorial_AVG_AntiSpyware.html

- Mets le à jour à partir du menu Mise à jour en haut

 

 

Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.

Démarres l'ordinateur.

Une fois le chargement du BIOS terminé, il y a un écran noir. Appuyes sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.

En utilisant les touches du curseur, sélectionnes le mode sans échec approprié et appuyes sur Entrée.

 

 

- Ouvre AVG Anti-Spyware et clic sur l'onglet Analyse, puis le sous-onglet Paramètres

- Sélectionne dans Comment Réagir ? Quarantine. (voir l'aide l'aide AVG Anti-Spyware)

- Reviens au sous-onglet Analyser puis clique sur Analyse complète du système.

---> Le scan démarre.

 

A la fin clique sur Appliquer toutes les actions, les éléments doivent alors être déplacés en quarantaine.

Puis clique sur Enregistrer le rapport d'analyse et enregistre le rapport sur le Bureau.

 

 

Aide : N'hésite pas à consulter l'Aide AVG Anti-Spyware pour tout problème.

 

-- Redémarre en mode normal : Menu Démarrer / Arreter / Redémarre l'ordinateur

 

 

Copier/coller le rapport AVG Anti-Spyware

Modifié le 21 janvier 2007 par narco4

[le patron]

voici le rapport d'AVG anti-spyware:

 

 

---------------------------------------------------------

AVG Anti-Spyware - Rapport d'analyse

---------------------------------------------------------

 

+ Créé à: 19:43:56 21/01/2007

 

+ Résultat de l'analyse:

 

 

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP281\A0140304.exe -> Adware.Altnet : Nettoyé et sauvegardé (mise en quarantaine).

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP281\A0140303.dll -> Downloader.Busky.az : Nettoyé et sauvegardé (mise en quarantaine).

C:\Documents and Settings\MaDiNiNa_972\Cookies\madinina_972@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.

:mozilla.27:C:\Documents and Settings\MaDiNiNa_972\Application Data\Mozilla\Firefox\Profiles\477kvj0k.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

:mozilla.28:C:\Documents and Settings\MaDiNiNa_972\Application Data\Mozilla\Firefox\Profiles\477kvj0k.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.

C:\Documents and Settings\MaDiNiNa_972\Cookies\madinina_972@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.

:mozilla.26:C:\Documents and Settings\MaDiNiNa_972\Application Data\Mozilla\Firefox\Profiles\477kvj0k.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.

C:\Documents and Settings\MaDiNiNa_972\Cookies\madinina_972@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.

C:\Documents and Settings\MaDiNiNa_972\Cookies\madinina_972@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.

:mozilla.34:C:\Documents and Settings\MaDiNiNa_972\Application Data\Mozilla\Firefox\Profiles\477kvj0k.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.

:mozilla.39:C:\Documents and Settings\MaDiNiNa_972\Application Data\Mozilla\Firefox\Profiles\477kvj0k.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.

C:\Documents and Settings\MaDiNiNa_972\Cookies\madinina_972@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.

 

 

Fin du rapport

[narco4]

Salut,

 

 

Fais ce scan en ligne avec Internet Explorer: http://www.bitdefender.fr/bd/site/page.php?tab=0#

Clique, en bas à gauche, sur "scan on line (nouveau)"

Accepte ensuite la licence puis laisse-lui installer l'ActiveX

Laisse-toi guider,poste le rapport.

 

 

@+

[le patron]

voila g fais l'analyse com tu me la demandé.

 

 

 

BitDefender Online Scanner

 

 

 

 

 

 

 

Rapport d'analyse généré à: Mon, Jan 22, 2007 - 18:42:34

 

 

 

 

 

 

 

 

 

Voie d'analyse: C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Statistiques

 

Temps

 

 

02:12:01

 

Fichiers

 

 

488056

 

Directoires

 

 

7550

 

Secteurs de boot

 

 

3

 

Archives

 

 

15744

 

Paquets programmes

 

 

53781

 

 

 

 

 

 

 

Résultats

 

Virus identifiés

 

 

4

 

Fichiers infectés

 

 

7

 

Fichiers suspects

 

 

0

 

Avertissements

 

 

0

 

Désinfectés

 

 

0

 

Fichiers effacés

 

 

2

 

 

 

 

 

 

 

Info sur les moteurs

 

Définition virus

 

 

390341

 

Version des moteurs

 

 

AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

 

Analyse des plugins

 

 

14

 

Archive des plugins

 

 

38

 

Unpack des plugins

 

 

6

 

E-mail plugins

 

 

6

 

Système plugins

 

 

1

 

 

 

 

 

 

 

Paramètres d'analyse

 

Première action

 

 

Désinfecté

 

Seconde Action

 

 

Supprimé

 

Heuristique

 

 

Oui

 

Acceptez les avertissements

 

 

Oui

 

Extensions analysées

 

 

*;

 

Excludez les extensions

 

 

 

 

Analyse d'emails

 

 

Oui

 

Analyse des Archives

 

 

Oui

 

Analyser paquets programmes

 

 

Oui

 

Analyse des fichiers

 

 

Oui

 

Analyse de boot

 

 

Oui

 

 

 

 

 

 

 

 

Fichier analysé

 

 

Statut

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\312fd023b0cda9e2.klq

 

 

Infecté par: Trojan.Rootkit.Foop.A

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\312fd023b0cda9e2.klq

 

 

Echec de la désinfection

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\312fd023b0cda9e2.klq

 

 

Echec de la suppression

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\3bd3d9d3c3b119dd.klq

 

 

Infecté par: Trojan.SpySheriff.C

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\3bd3d9d3c3b119dd.klq

 

 

Echec de la désinfection

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\3bd3d9d3c3b119dd.klq

 

 

Echec de la suppression

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\5aba5ee2611968a1.klq

 

 

Infecté par: Trojan.Rootkit.Foop.A

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\5aba5ee2611968a1.klq

 

 

Echec de la désinfection

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\5aba5ee2611968a1.klq

 

 

Echec de la suppression

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a0562f6be151d480.klq

 

 

Infecté par: Trojan.SpySheriff.C

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a0562f6be151d480.klq

 

 

Echec de la désinfection

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\a0562f6be151d480.klq

 

 

Echec de la suppression

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b52f4c8eb37de0f5.klq

 

 

Infecté par: Trojan.SpySheriff.C

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b52f4c8eb37de0f5.klq

 

 

Echec de la désinfection

 

C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\b52f4c8eb37de0f5.klq

 

 

Echec de la suppression

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)=>bzip2_nsis0001

 

 

Infecté par: MemScan:Trojan.Dnschanger.V

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)=>bzip2_nsis0001

 

 

Echec de la désinfection

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)=>bzip2_nsis0001

 

 

Supprimé

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)

 

 

Echec de la mise à jour

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)=>bzip2_nsis0002

 

 

Infecté par: MemScan:Trojan.Downloader.Agent.NC

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)=>bzip2_nsis0002

 

 

Echec de la désinfection

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)=>bzip2_nsis0002

 

 

Supprimé

 

C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP279\A0132241.exe=>(NSIS o)

 

 

Echec de la mise à jour