Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Messages recommandés

Posté(e)

Salut,

J'espere que tu pourra faire ces mainpulation:

 

1- Copier la citation ci-dessous dans un fichier fix.txt (bloc notes) l’enregistrer sous c:\ puis changer l’extension en fix.reg

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults]

@=""

"http"=dword:00000003

"https"=dword:00000003

"ftp"=dword:00000003

"file"=dword:00000003

"@ivt"=dword:00000001

 

 

2-Démarrer le logiciel HijackThis hijackthis_big.gif et lancer un scan "Do a system scan only".

Puis cocher les lignes suivantes (dans HijackThis):

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=37794

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=37794

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=37794

O2 - BHO: HomepageBHO - {3bf1f86f-b1a8-489b-8d8b-43781d51411f} - C:\WINDOWS\system32\hp65FD.tmp (file missing)

O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)

O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone (HKLM)

O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll

O20 - Winlogon Notify: st3i - C:\WINDOWS\q3422406.dll

 

 

Fermer toutes les fenêtres Windows, Internet explorer, Outlook,…sauf le logiciel Hijackthis et cliquer sur « Fix checked »

 

Redémarrer en mode sans echec (appuyer sur F8 ou F5 lors du démarrage)

 

3-Double cliquer sur fix.reg / OK / fusionner /

 

4-Ensuite aller dans l’ Explorateur Windows et afficher tous les fichiers cachés:

Dans une fenêtre de l'explorateur Windows, cliquez sur le menu "Outils" et choisissez "Options des dossiers...".

Affichez l'onglet "Affichage" et sélectionnez l'option "Afficher les fichiers et dossiers cachés"

caches.gif

Cliquer sur « Appliquer ». Fermer la fenêtre d'options en cliquant "OK".

En image ici

 

et supprimer les fichiers ci dessous si ils sont présent :

 

 

C:\WINDOWS\system32\hp65FD.tmp

C:\Program Files\Security Toolbar\

C:\WINDOWS\system32\st3.dll

C:\WINDOWS\q3422406.dll

C\temp\ <-- supprimer tout le contenu du dossier

C:\windows\temp\ <-- supprimer tout le contenu du dossier

C:\windows\Downloaded Program Files\ <-- supprimer tout le contenu du dossier

C:\Documents and settings\Tous les identifiants\application data\Sun\Java\Deployment\cache\javapi1.0\jar\ <-- supprimer tout le contenu du dossier

C:\Documents and Settings\Tous les identifiants\Local Settings\Temp\ <-- supprimer tout le contenu du dossier

C:\Documents and Settings\ Tous les identifiants\Local Settings\Temporary Internet Files\ <-- supprimer tout le contenu du dossier

Fichier temporaire internet:

Démarrer/panneau de configuration/options internet

--> button supprimer cookies

--> button supprimer fichier temporaire internet

Fichiers temporaries : Démarrer/exécuter " CleanMgr "

Cocher tout sauf :

Compression des fichiers non utilisés

Fichiers catalogue d’indexation du contenu

/ OK / OUI

 

Dans l'Explorateur Windows recacher les fichiers systeme afin de ne pas faire d'erreur a l'avenir:

Retournez à la fenêtre <Paramètres de dossier> et sélectionnez <Ne pas afficher les fichiers cachés ou les fichiers système>.

 

Redémarrer normalement,

 

5-Télécharge SmitfraudFix de S!Ri, moe31 et balltrap34 ( http://siri.urz.free.fr/Fix/SmitfraudFix.zip ) :

 

Décompresse le, double-clique et choisis l'option 1

Poste le rapport généré

 

Relance le programme et choisis cette fois l'option 2 et réponds oui à tout

Redemarre et donne le nouveau rapport

 

Complète par un scan HijackThis que tu posteras aussi

 

6- Télécharger et exécuter: http://www.silentrunners.org/Silent%20Runners.vbs

Puis copier ici le rapport.

 

7-Puis revenir mettre un rapport Hijackthis smiley_520.gif

Posté(e)

Salut,

j'ai bien appliqué les conseils de BipBip07.

Quelques problèmes : comme je n'ai accès qu'à l'invite de commande, je n'ai pas accès aux fichiers cachés et je n'ai donc pas pu toucher aux fichiers contenus dans documents and settings. De plus, je n'ai pu lancer silent runner depuis cette invite.

Tout le reste, je l'ai fait. Voici les rapports Smitfraudfix et Hijackthis :

 

SmitFraudFix v1.92

 

Rapport fait à 16:40:16,48 le 01/11/2005

Executé à partir de F:\

OS: Microsoft Windows XP [version 5.1.2600]

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32\LogFiles

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\J\Application Data

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\J\Bureau

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 16:58:35, on 01/11/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\cmd.exe

F:\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [Opware14] "C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe"

O4 - HKLM\..\Run: [PDF Converter Registry Controller] "C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\RegistryController.exe"

O4 - HKLM\..\Run: [sSPrnAgent] C:\Program Files\ScanSoft\OmniPagePro14.0\PdfPrn\SPrnAgent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Ouvrir le fichier PDF dans Word - res://C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\IEShellExt.dll /300

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O17 - HKLM\System\CCS\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168

O17 - HKLM\System\CS1\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168

O17 - HKLM\System\CS2\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAM FILES\AVPERSONAL\AVGUARD.EXE

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: eFilmProcessManagerNT - Unknown owner - C:\Program Files\Merge eFilm\eFilm\efPMNT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ScsiAcc - Unknown owner - C:\Program Files\Merge eFilm\eFilm\SCSIACC.EXE

 

 

Mon ordinateur n'est toujours pas accessible sous windows : la flèche bouge mais je ne peux double cliquer sur aucune icône. Le menu démarrer est inaccessible.

Merci de votre aide.

Posté(e)

J'ai maintenant accès au bureau de windows XP et je peux ouvrir les différents fichiers.

J'en ai profité pour réaliser toutes les opérations qui m'avaient été conseillées et de réalisation impossible sous l'invite de commande.

Le problème est mainteant le fon d'écran. Lorsque j'ai voulu modifier le fond d'écran bleu avec un papier peint internet explorer, il est devenu blanc et plus modifiable. J'en déduis que tout n'est pas réparé. Mais je dois avouer que je remercie tout le monde et particulièrement bipbip car j'ai maintenant accès à mes fichers dont la perte aurait été pénible.

J'ai fait une analyse antivir et un rapport hijackthis, que je vous soumet.

 

 

Creation date of the report file: mardi 1 novembre 2005 18:18

 

AntiVir®/XP (2000 + NT) PersonalEdition Classic

Build 1111 of 18.10.2005

Mainprogram 6.32.00.50 of 13.10.2005

VDF file 6.32.10.8 (0) of 24.10.2005

 

 

This program is for PERSONAL USE only.

Any other use is PROHIBITED.

Informations regarding commercial versions of AntiVir may be obtained from:

www.hbedv.com.

 

 

Scanning for 236506 virus strains and unwanted programs.

 

Licensed for: AntiVir Personal Edition

Serial number: 0000149991-WURGE-0001

 

Please enter the workstation and

contact name with phone number in this form:

 

Name ___________________________________________

 

Street ___________________________________________

 

Town ___________________________________________

 

Phone/Fax ___________________________________________

 

Email ___________________________________________

 

Platform: Windows NT Workstation

Windows version: 5.1 Build 2600 (Service Pack 2)

Username: J

Processor: Pentium

Working memory: 785412 KB free

 

Version information:

AVWIN.DLL : 6.32.00.50 561192 13.10.2005 16:32:14

AVEWIN32.DLL : 6.32.0.57 954880 14.10.2005 15:08:24

AVGNT.EXE : 6.32.00.02 180327 14.10.2005 12:32:02

AVGUARD.EXE : 6.32.00.12 208424 17.10.2005 08:35:12

GUARDMSG.DLL : 6.30.00.02 94248 01.02.2005 11:24:10

AVGCMSG.DLL : 6.32.00.01 295029 13.10.2005 16:32:14

AVGNTDW.SYS : 6.31.00.01 32896 29.04.2005 08:07:16

AVPACK32.DLL : 6.32.00.02 319528 18.10.2005 11:57:30

AVGETVER.DLL : 6.30.00.00 24576 28.01.2005 18:10:20

AVSHLEXT.DLL : 6.30.00.01 40960 28.01.2005 17:10:22

AVSched32.EXE : 6.32.00.01 110632 20.09.2005 14:16:24

AVSched32.DLL : 6.30.00.00 122880 01.02.2005 11:24:10

AVREG.DLL : 6.31.00.05 41000 07.09.2005 16:34:50

AVRep.DLL : 6.32.00.111 1441832 24.10.2005 16:36:46

INETUPD.EXE : 6.32.00.52 262203 17.10.2005 15:46:14

INETUPD.DLL : 6.32.00.52 143360 17.10.2005 15:46:14

CTL3D32.DLL : 2.31.000 27136 18.09.2002 16:22:38

MFC42.DLL : 6.02.4131.0 1028096 20.08.2004 00:09:30

MSVCRT.DLL : 7.0.2600.2180 (xpsp_sp2_rtm.0408

MSVCRT.DLL : 7.0.2600.2180 343040 20.08.2004 00:09:34

CTL3DV2.DLL : No information

 

Configuration file:

 

Name of configuration file: C:\Program Files\AVPersonal\AVWIN.INI

Name of report file: C:\Program Files\AVPersonal\LOGFILES\AVWIN.LOG

Start path: C:\Program Files\AVPersonal

Command line:

Start mode: unknown

 

Mode of report file:

[ ] Do not create report

[X] Overwrite report

[ ] Append new report

 

Data in report file:

[X] Infected files

[ ] Infected files with paths

[ ] All scanned files

[ ] Full information

 

Abridge report file:

[ ] Abridge report file

 

Warnings in report:

[X] Access denied/file locked

[X] Wrong file size in directory

[X] Wrong creation time in directory

[ ] COM file is too large

[X] Invalid start address

[X] Invalid EXE header

[X] Possibly damaged

 

Summary report:

[X] Create summary report

Output file: AVWIN.ACT

Maximum number of entries: 100

 

Where to search:

[X] Memory

[X] Boot record of selected drives

[ ] Report unknown boot sectors

[X] All files

[ ] Program files

 

Response in case of a detection:

[X] Repair with prompt

[ ] Repair without prompt

[ ] Delete with prompt

[ ] Delete without prompt

[ ] Write in report file only

[X] Acoustic alarm

 

Response in case of destroyed files:

[X] Delete with prompt

[ ] Delete without prompt

[ ] Ignore

 

Response in case of destroyed files:

[X] No change

[ ] Current system time

[ ] Correct date

 

Drag&drop settings:

[X] Scan subdirectories

 

Profile settings:

[X] Scan subdirectories

 

Archive options

[X] Search archive

[X] Archive types to leave out

1000 1001 1002

 

Miscellaneous options:

Temporary path: %TEMP% -> C:\DOCUME~1\J\LOCALS~1\Temp

[X] Overwrite infected files

[ ] Detect idle time

[X] Allow interruptions of scan

[ ] Load AVWin®/NT Guard on System start

 

General settings:

[X] Save options on exiting AntiVir

Priority: medium

 

Drives:

A: Floppy drive

C: Hard disk

D: CD-ROM

E: CD-ROM

 

Start of scan: mardi 1 novembre 2005 18:18

 

Memory test OK

Master boot record of hard disk HD0 OK

Boot record of drive C: OK

 

 

Access denied! Error during file opening!

Error code: 0x0002

C:\

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\DELL

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images

 

WARNING! Access error/file locked!

C:\Documents and Settings\J

NTUSER.DAT

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

ntuser.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Bureau

 

WARNING! Access error/file locked!

C:\Documents and Settings\J\Local Settings\Application Data\Microsoft\Windows

UsrClass.dat

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

UsrClass.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\J\Local Settings\Temp

~DF2EB6.tmp

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

~DF2FEF.tmp

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

~WRS0002.tmp

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Clips

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\48553

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\icones

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\rk-launcher_rk_launcher_0.4_francais_14854\docklets\RecycleBin\icons

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\rk-launcher_rk_launcher_0.4_francais_14854\icons

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\rk-launcher_rk_launcher_0.4_francais_14854\themes\Default

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Clipping

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Devices

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Dock

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Folders

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Locations

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Network

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Toolbar

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Toolbar\Toolbar _ Computer

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Applications

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Drives

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Folders

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Misc

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Divers\Snow E 2\Xtra\Online

 

WARNING! Access error/file locked!

C:\Documents and Settings\J\Mes documents\Incoming\Programs ppc\utilitaires\PPC UTILS\COMPAQ PATCHES_MANUALS

SP19258upgrade guide.exe

ArchiveType: CAB SFX (self extracting)

--> \Pocket PC 2002 Reference Guide.pdf

NOTE! Invalid compressed data

SP20130 2002 EUU1.exe

ArchiveType: CAB SFX (self extracting)

--> \SP20130\USA\PPCEUU1.cab

ArchiveType: CAB (Microsoft)

--> coreapps.003

NOTE! Invalid compressed data

--> 0000sync.002

NOTE! Invalid compressed data

--> browsing.001

NOTE! Invalid compressed data

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\ADMINISTRATION

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\Mutuelle

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\anatomie\cerebral

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\anatomie\cou larynx

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Articles\KMD\Vésale

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Articles\KMD\Vésale\Images

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Articles\KMD\Vésale\KMD\Vésale\Images USB

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Cours HEGP

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\DEA

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Diffusion

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Dig

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Gynéco\Sein

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\DCIS

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Lymphome osseux primitif

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\thèse hypophyse

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Work in Progress

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Work in Progress\Nouveau dossier

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\Présentations\Work in Progress\Nouveau dossier\Nouveau dossier

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\RADIO\RADIOPROTECTION

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\Sécu

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Jérôme\Sécu\Sécu

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Loulou

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Loulou\BackUp Louisa\Axa cession\30.09.02\technique\note pool_fichiers

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Babylone by bus

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Burnin'

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Catch a fire

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Confrontation

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Exodus

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Kaya

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Live

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Rastaman Vibration

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Survival

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Bob\Uprising

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\christina_aguilera_stripped

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Massive Attack - 100th Window

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\Norah.Jones.Come.Away.With.Me

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\oriental

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\STING

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\The Beatles - 1697-1970

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\The Beatles - 1962-1966

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Ma musique\Albums\The Lord of the Rings- The Return of the King

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mariage\faire part

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mariage\faire part\2004-02 (févr.)

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mariage\Plans de tables

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mariage\robes

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Disney 12-04

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Divers

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Divers\Nouvelle Orléans

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Henné

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Henné\grande photos mum

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Henné\henne bis

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Henné\Nouveau dossier

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Henné\petites photos henné

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Henné\photos moyennes mum

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Henné\photos petites mum

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Londres 2005

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\19-06-04

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\mariagej&l-1

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\Mariagej&l-2

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\mémé photos

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\mémé photos\henne bis

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photo jeanette

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos marseille

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos mouss

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos nadia

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\phtos famille\photos rachid

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Mariage 19-06-04\PY\FormatNumerique

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Norvège\au travail

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Norvège\plage et fjord

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\PHOTOS

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\PHOTOS\Hernigou

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Photos à trier

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Seychelles 2005

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\J\Mes documents\Mes images\Vienne 2005

 

WARNING! Access error/file locked!

C:\Documents and Settings\NetworkService

NTUSER.DAT

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

ntuser.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows

UsrClass.dat

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

UsrClass.dat.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\My Shared Folder

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Program Files\Ahead\Nero ShowTime\Skins

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Program Files\eChanblard\Incoming\Mano.Negra.-.Patchanka.-.[Mpc.HQ].by.Beto\Patchanka\Extra

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Program Files\eChanblard\skins

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Program Files\eChanblard\webserver

 

WARNING! Access error/file locked!

C:\Program Files\Free.fr\Dialer

Dialer.exe

[DETECTION] Contains signature of the dial-up program DIAL/Generic

WAS DELETED!

Access denied! Error during file opening!

Error code: 0x0002

C:\Program Files\Winamp\Skins\Winamp Modern\shade

 

WARNING! Access error/file locked!

Access denied! Error during file opening!

Error code: 0x0002

C:\Program Files\Winamp\Skins\Winamp Modern\window

 

WARNING! Access error/file locked!

C:\Program Files\WinRAR

rarnew.dat

ArchiveType: RAR

NOTE! The archive is created by multiple volumes

Error! Could not change directory: System Volume Information

C:\WINDOWS\system32

Process.exe

[DETECTION] Contains signature of the SPR/Processor.20 program

WAS DELETED!

C:\WINDOWS\system32\config

default

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

default.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SAM

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SAM.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SECURITY

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

SECURITY.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

software

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

software.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

system

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

system.LOG

Access denied! Error during file opening!

Error code: 0x000D

WARNING! Access error/file locked!

 

 

Access denied! Error during file opening!

Error code: 0x0002

C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images

 

WARNING! Access error/file locked!

 

End of scan: mardi 1 novembre 2005 19:39

Time taken: 80:52 min

 

 

6409 directories were scanned

123472 files were scanned

136 warning messages were issued

2 files were deleted

0 files were repaired

2 detections

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 19:47:44, on 01/11/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\HighJackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [Opware14] "C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe"

O4 - HKLM\..\Run: [PDF Converter Registry Controller] "C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\RegistryController.exe"

O4 - HKLM\..\Run: [sSPrnAgent] C:\Program Files\ScanSoft\OmniPagePro14.0\PdfPrn\SPrnAgent.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Ouvrir le fichier PDF dans Word - res://C:\Program Files\ScanSoft\OmniPagePro14.0\PdfCnv\IEShellExt.dll /300

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/

O17 - HKLM\System\CCS\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168

O17 - HKLM\System\CS1\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168

O17 - HKLM\System\CS2\Services\Tcpip\..\{4FE34D5A-7C4B-4CE0-A72C-1569C73207E6}: NameServer = 217.27.32.5,213.228.0.168

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: eFilmProcessManagerNT - Unknown owner - C:\Program Files\Merge eFilm\eFilm\efPMNT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ScsiAcc - Unknown owner - C:\Program Files\Merge eFilm\eFilm\SCSIACC.EXE

 

 

Merci d'avance.

Posté(e)

Bonsoir,

Maintenant que tu as acces au PC fait ceci:

 

vas dans ma signature consignes de sécurité et installer Adaware, Spybot,Easycleaner(registre uniquement), et Ccleaner

Ensuite en mode sans echec de préférence passe tout ces utilitaires,

 

Puis,

Demarrer > panneau de configuration > affichage > bureau >

ensuite remet un fond d'écran

 

> personnalisation du bureau

onglet web

supprime tout ce qui se touve là, sauf ma page d'acceuil que tu laissera décochée.

 

Redémarrer normalement,

 

Faire un scan en ligne chez Ravantivirus(mettre un fausse adresse email ou une adresse hotmail):

http://www.ravantivirus.com/scan/

jusqu'à ce que "ready to scan" apparaisse

cela doit se présenter comme ceci http://img272.echo.cx/img272/7830/rav0gh.jpg

Tu cliques ensuite sur "scan my pc" (étape 3 de l'image)

A la fin du scan, qui peut prendre un certain temps, tu copies et colles le rapport ici

 

Ou celui la

PANDA si tu n'y arrive pas : tutorial

Posté(e)

Hello

J'ai fait tout ce que tu m'avais conseillé.

Tout semble fonctionner correctement.

A noter, à la fin de l'application de spybot, j'ai remarqué une bande grisée en haut du bureau (qui était alors en blanc eet ce depuis que j'avais à nouveau accès au bureau). En approchant la souris, une croix est apparue en haut à droite du genre "fermer". J'ai appuyé dessus et le fond d'écran par défaut de windows (collines verdoyantes) est alors apparu.

Je peux dorénavant changer de fond d'écran.

J'ai appliqué Panda qui retrouve un spyware et c'est tout. Par contre, il ne me le supprime pas. Je l'ai fait manuellement mais je le laisse dans ma poubelle graignant de faire une bêtise.

Ci-joint le rapport.

Encore merci de votre aide à tous.

Merci de me dire si je dois considérer que mon ordinateur est enfin "guéri". Quels sont vos conseils pour la suite ?

Posté(e)

Il est dommage que tu ne nous ai pas mis le resultat du scan de PAda pour que nous voyons par nous meme ce malware ! Trop tard :P

 

Sinon apparament tu n'as pas de firewall. Tu en trouvera un gratuit dans ma signature "consignes de sécurité"

@+

Posté(e)

Désolé

j'ai oublié de vous coller le rapport panda dans mon dernier post, et bien sûr je l'ai effacé.

Quoi qu'il en soit,il ne s'agissait que d'un spyware, niveau de menace "low" d'après Panda. Il correspondait à un raccourci dans le menu démarrer avec un nom du genre "windows security...".

En ce qui concerne mon firewall, j'utilise celui d'XP. Si il est insuffisant, j'en installerai un autre.

 

Encore Merci :P

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...