a l'aide mon micro ralentit de plus en plus

[Sew-Oszka]

Coucou!

 

Télécharge HijackThis 1.99 sur zébulon. ensuite tu te met en mode sans echec , tu fait un scanne, et tu poste ton log (résultat du scan) ici.

 

Pour ce qui est de ton programme récalcitrant, as-tu desactivé la restauration système avant de le supprimer?

[calimero50]

me suis trompe en postant je recommence

Modifié le 5 février 2005 par calimero50

[calimero50]

voici le log que j'ai tiré de hijackThis

 

Logfile of HijackThis v1.99.0

Scan saved at 09:18:49, on 05/02/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\system32\cisvc.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\Network Associates\VirusScan\Mcshield.exe

C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\wlancfg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe

C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe

C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE

C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE

C:\Compaq\EAKDRV\EAUSBKBD.EXE

C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe

C:\Program Files\Messenger Plus! 3\MsgPlus.exe

C:\documents jeff\ZoneAlarm\zlclient.exe

C:\documents jeff\winamp\winampa.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe

C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\PROGRA~1\WinZip\winzip32.exe

C:\documents jeff\hijackThis\HijackThis.exe

C:\WINDOWS\system32\cidaemon.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oiferwtaoohfaijzcrvyphs.net//WA...uqgVm9dnNC.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sqduawpvlaatt.info//WAdiotkLN5C...YVgEtDOOl8.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\DOCUME~2\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {8B44C6AD-18F3-AB50-0C25-3DA5DE669145} - C:\DOCUME~1\JEAN-P~1\APPLIC~1\FINDPO~1\HelpExtra.exe

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe

O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe

O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe

O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [Jugscreativerule1] C:\Documents and Settings\All Users\Application Data\Mode Proxy Jugs Creative\dentbrowse.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\documents jeff\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [WinampAgent] C:\documents jeff\winamp\winampa.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [instant Access] rundll32.exe EGDACCESS_1055.dll,InstantAccess

O4 - HKCU\..\Run: [CdromThat] C:\DOCUME~1\JEAN-P~1\APPLIC~1\DVDTON~1\date sixth support.exe

O4 - HKCU\..\Run: [NBJ] "C:\documents jeff\Nero BackItUp\NBJ.exe"

O4 - Startup: Moniteur & Configuration.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: officejet 6100.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/instal...hidden-test.cab

O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3.com/binaries/P2EC..._1022_FR_XP.cab

O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab

O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/062cfa4372d7fd...RdxIE601_fr.cab

O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Formation interactive Microsoft\o10c\mitm0026.cab

O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://acces-direct.net/15671/MereDeFamille40a.exe

O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/R...rod/DownMan.cab

O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab

O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game11.zylom.tf1.fr/activex/zylomloader.cab

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe

O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\system32\Imapi.exe

O23 - Service: McAfee Framework Service - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\System32\mnmsrvc.exe

O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Service de lancement de WlanCfg - Unknown - C:\WINDOWS\wlancfg.exe

O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe

 

merci d'avance pour vos conseil eclairés et merci aussi pour me dire ce que je doit faire et comment car je suis pas aussi doué que vous

457883[/snapback]

[Invité tesgaz]

bon,

 

tu redémarres en mode sans echec et tu fixes toutes ces lignes :

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oiferwtaoohfaijzcrvyphs.net//WA...uqgVm9dnNC.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sqduawpvlaatt.info//WAdiotkLN5C...YVgEtDOOl8.html

 

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)

O2 - BHO: (no name) - {8B44C6AD-18F3-AB50-0C25-3DA5DE669145} - C:\DOCUME~1\JEAN-P~1\APPLIC~1\FINDPO~1\HelpExtra.exe

 

O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe

O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe

O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe

 

O4 - HKLM\..\Run: [Jugscreativerule1] C:\Documents and Settings\All Users\Application Data\Mode Proxy Jugs Creative\dentbrowse.exe

 

 

O4 - HKCU\..\Run: [instant Access] rundll32.exe EGDACCESS_1055.dll,InstantAccess

O4 - HKCU\..\Run: [CdromThat] C:\DOCUME~1\JEAN-P~1\APPLIC~1\DVDTON~1\date sixth support.exe

O4 - HKCU\..\Run: [NBJ] "C:\documents jeff\Nero BackItUp\NBJ.exe"

O4 - Startup: Moniteur & Configuration.lnk = ?

 

O4 - Global Startup: officejet 6100.lnk = ?

 

 

 

O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/files/instal...hidden-test.cab

O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3.com/binaries/P2EC..._1022_FR_XP.cab

O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab

O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab

 

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/062cfa4372d7fd...RdxIE601_fr.cab

O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Formation interactive Microsoft\o10c\mitm0026.cab

O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://acces-direct.net/15671/MereDeFamille40a.exe

O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/R...rod/DownMan.cab

O16 - DPF: {ABB08127-7417-11D4-8566-00500448008D} (Chat Class) - http://downloads.winwise.fr/Common/npchatlax.cab

O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game11.zylom.tf1.fr/activex/zylomloader.cab

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/fr/SysWebTelecom.cab

 

 

ensuite, tu cherches ces fichiers que tu vas supprimer :

C:\DOCUME~1\JEAN-P~1\APPLIC~1\FINDPO~1\HelpExtra.exe

C:\Cpqs\Scom\srmclean.exe

C:\Documents and Settings\All Users\Application Data\Mode Proxy Jugs Creative\dentbrowse.exe

EGDACCESS_1055.dll

C:\DOCUME~1\JEAN-P~1\APPLIC~1\DVDTON~1\date sixth support.exe

 

 

voila,

 

tu redémarres et tu dis quoi

[calimero50]

POUR L'INSTANT CA MARCHE IMPEC :

 

 

ALORS UN GRAND MERCI A TS POUR VOTRE AIDE SI PRECIEUSE.

 

ENCORE MERCI

 

CALIMERO/////