La discussion « J'ai besoin d'aide pour désinfecter mon ordinateur! » se trouve dans le forum « Virus, troyens, etc... »
Statut de la discussion » J'ai besoin d'aide pour désinfecter mon ordinateur! « ( résolue)

J'ai besoin d'aide pour désinfecter mon ordinateur!

Page:

Le  1-12-2007 à 13:09 #


Bonjour,

j'ai des virus sur mon ordi et il est est très lent.
comme je m'y connais pas, j'ai besoin d'aide

Le  1-12-2007 à 13:14 #

salut

Télécharger Hijackthis sur le bureau
= clic droit dessus ==> renommer ==> écrire : "test"( à la place de "hijackthis")
=Double-clic dessus
= Clic Do a system scan and save the log
-- Le Bloc-Notes s'ouvre :
copier coller le contenu du rapport
=======================================================
merci de mettre tous les rapports sous Spoiler

pour cela sélectionner la totalité de chaque rapport mis dans la case réponse
et clic sur le point d'interrogation en bas à droite de cette case
(à coté de TeX)

Le  1-12-2007 à 13:39 #


Le  1-12-2007 à 13:40 #

tu n 'a pas mis le rapport...

Le  1-12-2007 à 13:43 #


Le  1-12-2007 à 13:44 #

oublies les spoiliers et poste le rapport complet

Le  1-12-2007 à 13:45 #

LLogfile of HijackThis v1.99.1
Scan saved at 13:41:38, on 01/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\service.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NETGEAR\WG511U Configuration Utility\wlancfgu.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {a56afd8e-fb0d-334b-f054-bbe94c3e60d0} - {0d06e3c4-9ebb-450f-b433-d0bfe8dfa65a} - C:\WINDOWS\system32\lxxyotid.dll
O2 - BHO: (no name) - {12d954a9-a9a3-461f-950d-12e42e910779} - (no file)
O2 - BHO: (no name) - {1424EFFF-7E7D-42C0-A3A7-03C4E9369643} - (no file)
O2 - BHO: (no name) - {1D0A2B19-749D-4C3F-8B8A-BE7FE8BF5512} - (no file)
O2 - BHO: (no name) - {203F7890-8F1B-4D48-875D-557EB81DEE5C} - (no file)
O2 - BHO: (no name) - {2925ebb5-e98e-4bac-8de7-bb67191c843b} - (no file)
O2 - BHO: (no name) - {37DC8F2D-0D28-40C8-A2C7-8492E3B51047} - (no file)
O2 - BHO: (no name) - {3D8AD62D-87D0-42A9-AAF5-EC80AF17483F} - (no file)
O2 - BHO: (no name) - {4184EA88-2084-4D16-9E09-6388BFB9B493} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {56256BDD-9DF6-4079-9CC0-F5907CF8562B} - C:\WINDOWS\system32\gebcy.dll
O2 - BHO: (no name) - {564145CE-CD35-44F4-9018-173F6D706166} - (no file)
O2 - BHO: (no name) - {72B797C7-51A2-4259-972A-1C925979297D} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7E8BA535-6DCB-4494-8132-0CB51E035D26} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {92B3BC07-9786-4327-B0FE-5C72F23AE280} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {C30AFA30-EE4A-415A-B23D-FE2DD036DD10} - (no file)
O2 - BHO: (no name) - {D06EBD90-6DBD-48EC-AAFA-E4A98865D99C} - (no file)
O2 - BHO: (no name) - {FB6C8FEA-8279-4C7D-9121-39592990AF70} - (no file)
O2 - BHO: (no name) - {FF463A3C-9020-444E-B651-B5440019EE74} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [NI.UGDCFR_0001_N122M2610] "C:\documents and settings\test\application data\installer_fr[1].exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG511U Smart Wizard.lnk = ?
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?df590edfa2a94f819a469816cae8415a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?df590edfa2a94f819a469816cae8415a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194466338796
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSEasyInstallX.CAB
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game10.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c008FB69.dat
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe


Le  1-12-2007 à 13:48 #

Télécharger sur le Bureau : VundoFix

= Double-clic VundoFix.exe.
= Clic OK
=Attendre le redemarrage de Vundofix
=Clic Scan for Vundo
= le scan est assez long , à la fin
=Clic Remove Vundo
= Puis yes
= Le Bureau disparaît un moment lors de la suppression des fichiers.
=Message shutdown
=clic OK
=Redémarrage auto
Note : il peut y avoir plusieurs redémarrages
= le rapport se trouve dans C:\vundofix.txt

tu postes le rapport vundofix

======================

Télécharger sur le bureau
VirtumondoBegone

=Double clic sur VirtumundoBeGone.exe
=clic Continue
=clic Start
=clic Oui
=A la fin si Vundo est présent , le PC s’éteint et redémarre

Si Ecran bleu et message : Erreur fatale .. pas de problème

=Poster le rapport VBG.TXT qui est sur le bureau

=======================================================
merci de mettre tous les rapports sous Spoiler

pour cela sélectionner la totalité de chaque rapport mis dans la case réponse
et clic sur le point d'interrogation en bas à droite de cette case
(à coté de TeX)

Le  1-12-2007 à 14:05 #


VundoFix V6.6.2

Checking Java version...

Java version is 1.5.0.2
Old versions of java are exploitable and should be removed.

Scan started at 13:49:25 01/12/2007

Listing files found while scanning....

C:\windows\system32\cbxwvwu.dll
C:\windows\system32\cbxwwxy.dll
C:\windows\system32\gebcy.dll
C:\windows\system32\mljghgh.dll
C:\windows\system32\nnnoonn.dll
C:\windows\system32\qomkijh.dll
C:\windows\system32\vturolm.dll
C:\windows\system32\xjdidxlq.dll
C:\windows\system32\ycbeg.bak1
C:\windows\system32\ycbeg.bak2
C:\windows\system32\ycbeg.ini
C:\windows\system32\ycbeg.ini2
C:\windows\system32\ycbeg.tmp

Beginning removal...

Attempting to delete C:\windows\system32\cbxwvwu.dll
C:\windows\system32\cbxwvwu.dll Has been deleted!

Attempting to delete C:\windows\system32\cbxwwxy.dll
C:\windows\system32\cbxwwxy.dll Has been deleted!

Attempting to delete C:\windows\system32\gebcy.dll
C:\windows\system32\gebcy.dll Has been deleted!

Attempting to delete C:\windows\system32\mljghgh.dll
C:\windows\system32\mljghgh.dll Has been deleted!

Attempting to delete C:\windows\system32\nnnoonn.dll
C:\windows\system32\nnnoonn.dll Has been deleted!

Attempting to delete C:\windows\system32\qomkijh.dll
C:\windows\system32\qomkijh.dll Has been deleted!

Attempting to delete C:\windows\system32\vturolm.dll
C:\windows\system32\vturolm.dll Has been deleted!

Attempting to delete C:\windows\system32\xjdidxlq.dll
C:\windows\system32\xjdidxlq.dll Has been deleted!

Attempting to delete C:\windows\system32\ycbeg.bak1
C:\windows\system32\ycbeg.bak1 Has been deleted!

Attempting to delete C:\windows\system32\ycbeg.bak2
C:\windows\system32\ycbeg.bak2 Has been deleted!

Attempting to delete C:\windows\system32\ycbeg.ini
C:\windows\system32\ycbeg.ini Has been deleted!

Attempting to delete C:\windows\system32\ycbeg.ini2
C:\windows\system32\ycbeg.ini2 Has been deleted!

Attempting to delete C:\windows\system32\ycbeg.tmp
C:\windows\system32\ycbeg.tmp Has been deleted!

Performing Repairs to the registry.
Done!



Ajout du 01-12-2007 à 14:06:


[12/01/2007, 14:05:58] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\test\Local Settings\Temporary Internet Files\Content.IE5\O1IZ0TU7\VirtumundoBeGone[1].exe" )
[12/01/2007, 14:06:00] - Detected System Information:
[12/01/2007, 14:06:00] - Windows Version: 5.1.2600, Service Pack 2
[12/01/2007, 14:06:00] - Current Username: test (Admin)
[12/01/2007, 14:06:00] - Windows is in NORMAL mode.
[12/01/2007, 14:06:00] - Searching for Browser Helper Objects:
[12/01/2007, 14:06:00] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[12/01/2007, 14:06:00] - BHO 2: {0d06e3c4-9ebb-450f-b433-d0bfe8dfa65a} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - Checking for HKLM\...\Winlogon\Notify\lxxyotid
[12/01/2007, 14:06:00] - Key not found: HKLM\...\Winlogon\Notify\lxxyotid, continuing.
[12/01/2007, 14:06:00] - BHO 3: {12d954a9-a9a3-461f-950d-12e42e910779} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 4: {1424EFFF-7E7D-42C0-A3A7-03C4E9369643} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 5: {1D0A2B19-749D-4C3F-8B8A-BE7FE8BF5512} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 6: {203F7890-8F1B-4D48-875D-557EB81DEE5C} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 7: {2925ebb5-e98e-4bac-8de7-bb67191c843b} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 8: {37DC8F2D-0D28-40C8-A2C7-8492E3B51047} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 9: {3D8AD62D-87D0-42A9-AAF5-EC80AF17483F} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 10: {4184EA88-2084-4D16-9E09-6388BFB9B493} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 11: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[12/01/2007, 14:06:00] - BHO 12: {56256BDD-9DF6-4079-9CC0-F5907CF8562B} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - Checking for HKLM\...\Winlogon\Notify\gebcy
[12/01/2007, 14:06:00] - Key not found: HKLM\...\Winlogon\Notify\gebcy, continuing.
[12/01/2007, 14:06:00] - BHO 13: {564145CE-CD35-44F4-9018-173F6D706166} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 14: {72B797C7-51A2-4259-972A-1C925979297D} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 15: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 16: {7E8BA535-6DCB-4494-8132-0CB51E035D26} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:00] - No filename found. Continuing.
[12/01/2007, 14:06:00] - BHO 17: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[12/01/2007, 14:06:00] - BHO 18: {92B3BC07-9786-4327-B0FE-5C72F23AE280} ()
[12/01/2007, 14:06:00] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:01] - No filename found. Continuing.
[12/01/2007, 14:06:01] - BHO 19: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[12/01/2007, 14:06:01] - BHO 20: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper)
[12/01/2007, 14:06:01] - BHO 21: {C30AFA30-EE4A-415A-B23D-FE2DD036DD10} ()
[12/01/2007, 14:06:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:01] - No filename found. Continuing.
[12/01/2007, 14:06:01] - BHO 22: {D06EBD90-6DBD-48EC-AAFA-E4A98865D99C} ()
[12/01/2007, 14:06:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:01] - No filename found. Continuing.
[12/01/2007, 14:06:01] - BHO 23: {FB6C8FEA-8279-4C7D-9121-39592990AF70} ()
[12/01/2007, 14:06:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:01] - No filename found. Continuing.
[12/01/2007, 14:06:01] - BHO 24: {FF463A3C-9020-444E-B651-B5440019EE74} ()
[12/01/2007, 14:06:01] - WARNING: BHO has no default name. Checking for Winlogon reference.
[12/01/2007, 14:06:01] - No filename found. Continuing.
[12/01/2007, 14:06:01] - Finished Searching Browser Helper Objects
[12/01/2007, 14:06:01] - Finishing up...
[12/01/2007, 14:06:01] - Nothing found! Exiting...

Le  1-12-2007 à 14:11 #

Télécharger et enregistrer sur le bureau
Combofix

=Double-clic sur Combofix
= Presser 1 quand demandé
= Attendre la fermeture de l’outil ( 5 à 10 mn)
=Copier/coller le rapport dans la réponse
Un rapport dans C:\Combofix.txt à mettre dans la réponse
ComboFix-quarantined-files + Qoobox sont eux à supprimer
» Liste des Forums » Virus, troyens, etc...




Ces discussions pourraient vous intéresser également:


J'ai besoin d'aide pour un virus (albumphotocpmpresse r) sur msn!
Ordinateur envahi de virus. Besoin d'aide pour extermination
ordinateur infesté!!! besoin d'aide SVP!
J'ai besoin d'aide ( Trojan Horse)
Virus W32.Myzor.FK@yf j'ai besoin d'aide



Sujets Connexes


Connectés

Il y a actuellement 456 visiteurs
et 29 toiliens en ligne.

Restos

605€

Pour chaque actu publiée, SLT verse 1€ aux Restos du Coeur. Notre objectif de 1000€ est réalisé à 60.5% Pour participer, proposez une actu récente liée aux sciences ou à l'informatique!

Sauf mention contraire, le contenu du blog et du forum est sous licence Creative Commons By-Sa. Vous avez le droit de le reproduire et de le modifier à condition de citer l'auteur, de faire un lien vers la page d'origine, et de partager vos travaux dérivés selon les mêmes conditions.

Conditions d'utilisation -

Partenaires: [Informatique Multimédia] [Portail du Maroc] [Actualité High Tech]
[Tutoriaux Photoshop] [éligibilité ADSL] [Astuces Windows]

Page générée en 283 millisecondes sur WWW1.