Analyse Hijackthis.log et kaspersky
Dernière réponse : dans Sécurité
Bonsoir à tous,
Ayant sauvé mon pc, c'est mon frère qui compte sur vous.....son pc est une cata ! :-o
>Merci pour lui
Logfile of HijackThis v1.99.1
Scan saved at 16:11:57, on 4/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\sol.exe
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\O9Q7ODIB\BKR HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.eopdbgzctzlose.net/g_0xa6f8XzhRoQ9p2cKgoBpeI...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4CD16362-63DC-6B54-70F8-0787D12FEC17} - C:\DOCUME~1\PROPRI~1\APPLIC~1\WAYSTO~1\Anti rdr.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [RoadOnlineWinMedia] C:\Documents and Settings\All Users\Application Data\build dart road online\dartlist.exe
O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MATH01] C:\DOCUME~1\PROPRI~1\APPLIC~1\BASEGR~1\Borewipeplatform.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab285...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/2867ca44c2a35cacd321/netzip...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C38DF689-4E03-4BFF-9916-55A56E1F3A6C}: NameServer = 195.238.2.22 195.238.2.21
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
Analyse Kaspersky
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, December 04, 2005 17:53:01
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 4/12/2005
Kaspersky Anti-Virus database records: 153402
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 87901
Number of viruses found: 23
Number of infected objects: 72
Number of suspicious objects: 0
Duration of the scan process: 5115 sec
Infected Object Name - Virus Name
C:\cmd.hta Infected: Trojan.HTA.Zones.a
C:\dimitxx.chm/on-line.exe Infected: Trojan.Win32.Dialer.by
C:\dimitxx.chm Infected: Trojan.Win32.Dialer.by
C:\Documents and Settings\All Users\Application Data\build dart road online\Burn 2.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\All Users\Application Data\build dart road online\FLAWPILE.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\All Users\Application Data\build dart road online\plan barb.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.Dummy.e
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.g
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/Beyond.class Infected: Trojan.Java.StartPage.h
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip Infected: Trojan.Java.StartPage.h
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\proc.jar-c327fa9-66d77b7b.zip/MyFunction.class Infected: Trojan-Dropper.Java.Small.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\proc.jar-c327fa9-66d77b7b.zip/MainApp.class Infected: Trojan.Java.ClassLoader.f
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\proc.jar-c327fa9-66d77b7b.zip Infected: Trojan.Java.ClassLoader.f
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\cash wma about.exe Infected: Trojan-Downloader.Win32.Swizzor.cb
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\mqdnjnvn.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\nbdgqvae.exe Infected: Trojan-Downloader.Win32.Swizzor.dr
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\oahnjhgp.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\Slow cool win view.exe Infected: Trojan-Downloader.Win32.Swizzor.dv
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\ttopaahw.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\Application Data\Way store\Anti rdr.exe Infected: Trojan-Downloader.Win32.Swizzor.bo
C:\Documents and Settings\Propriétaire\Local Settings\Temp\c10ce709.exe Infected: Trojan-Downloader.Win32.Swizzor.dr
C:\Documents and Settings\Propriétaire\Local Settings\Temp\c58e94d4.exe Infected: Trojan-Downloader.Win32.Swizzor.dh
C:\Documents and Settings\Propriétaire\Local Settings\Temp\c8fd2dd5.exe Infected: Trojan-Downloader.Win32.Swizzor.dh
C:\Documents and Settings\Propriétaire\Local Settings\Temp\d0d4c0fd.exe Infected: Trojan-Downloader.Win32.Swizzor.dj
C:\Documents and Settings\Propriétaire\Local Settings\Temp\f68d18fe.exe Infected: Trojan-Downloader.Win32.Swizzor.dj
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\OHENKHUJ\2_[1].htm Infected: Exploit.VBS.Phel.cc
C:\falconxx.chm/on-line.exe Infected: Trojan.Win32.Dialer.by
C:\falconxx.chm Infected: Trojan.Win32.Dialer.by
C:\sext.chm/d_sext.exe Infected: Trojan.Win32.Dialer.by
C:\sext.chm Infected: Trojan.Win32.Dialer.by
C:\stasxx.chm/on-line.exe Infected: Trojan.Win32.Dialer.ce
C:\stasxx.chm Infected: Trojan.Win32.Dialer.ce
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058235.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058236.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058239.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058243.exe Infected: Trojan-Downloader.Win32.Swizzor.dr
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058244.exe Infected: Trojan-Downloader.Win32.Swizzor.cb
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058245.exe Infected: Trojan-Downloader.Win32.Swizzor.bo
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059576.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059578.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059582.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059586.exe Infected: Trojan-Downloader.Win32.Swizzor.bo
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059587.exe Infected: Trojan-Downloader.Win32.Swizzor.dv
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059588.exe Infected: Trojan-Downloader.Win32.Swizzor.cb
C:\tony1.chm/d_tony1.exe Infected: Trojan.Win32.Dialer.by
C:\tony1.chm Infected: Trojan.Win32.Dialer.by
Scan process completed.
Ayant sauvé mon pc, c'est mon frère qui compte sur vous.....son pc est une cata ! :-o
>Merci pour lui
Logfile of HijackThis v1.99.1
Scan saved at 16:11:57, on 4/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\sol.exe
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\O9Q7ODIB\BKR HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.eopdbgzctzlose.net/g_0xa6f8XzhRoQ9p2cKgoBpeI...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4CD16362-63DC-6B54-70F8-0787D12FEC17} - C:\DOCUME~1\PROPRI~1\APPLIC~1\WAYSTO~1\Anti rdr.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [RoadOnlineWinMedia] C:\Documents and Settings\All Users\Application Data\build dart road online\dartlist.exe
O4 - HKLM\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\wfx5.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MATH01] C:\DOCUME~1\PROPRI~1\APPLIC~1\BASEGR~1\Borewipeplatform.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab285...
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/2867ca44c2a35cacd321/netzip...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C38DF689-4E03-4BFF-9916-55A56E1F3A6C}: NameServer = 195.238.2.22 195.238.2.21
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
Analyse Kaspersky
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Sunday, December 04, 2005 17:53:01
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 4/12/2005
Kaspersky Anti-Virus database records: 153402
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 87901
Number of viruses found: 23
Number of infected objects: 72
Number of suspicious objects: 0
Duration of the scan process: 5115 sec
Infected Object Name - Virus Name
C:\cmd.hta Infected: Trojan.HTA.Zones.a
C:\dimitxx.chm/on-line.exe Infected: Trojan.Win32.Dialer.by
C:\dimitxx.chm Infected: Trojan.Win32.Dialer.by
C:\Documents and Settings\All Users\Application Data\build dart road online\Burn 2.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\All Users\Application Data\build dart road online\FLAWPILE.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\All Users\Application Data\build dart road online\plan barb.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-2e987d18.zip Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\c.jar-33aa723b-57124a32.zip Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\classload.jar-1f5b6b54-5519682c.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.Dummy.e
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.g
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip/Beyond.class Infected: Trojan.Java.StartPage.h
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count.jar-4d094f49-6a2ee441.zip Infected: Trojan.Java.StartPage.h
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-47cfe281-38cb7fbc.zip Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/BB.class Infected: Trojan.Java.ClassLoader.o
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.k
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip/VerifierBug.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\count4.jar-5da93232-79bea2cb.zip Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\proc.jar-c327fa9-66d77b7b.zip/MyFunction.class Infected: Trojan-Dropper.Java.Small.c
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\proc.jar-c327fa9-66d77b7b.zip/MainApp.class Infected: Trojan.Java.ClassLoader.f
C:\Documents and Settings\Propriétaire\.jpi_cache\jar\1.0\proc.jar-c327fa9-66d77b7b.zip Infected: Trojan.Java.ClassLoader.f
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\cash wma about.exe Infected: Trojan-Downloader.Win32.Swizzor.cb
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\mqdnjnvn.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\nbdgqvae.exe Infected: Trojan-Downloader.Win32.Swizzor.dr
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\oahnjhgp.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\Slow cool win view.exe Infected: Trojan-Downloader.Win32.Swizzor.dv
C:\Documents and Settings\Propriétaire\Application Data\BaseGrimSite\ttopaahw.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\Documents and Settings\Propriétaire\Application Data\Way store\Anti rdr.exe Infected: Trojan-Downloader.Win32.Swizzor.bo
C:\Documents and Settings\Propriétaire\Local Settings\Temp\c10ce709.exe Infected: Trojan-Downloader.Win32.Swizzor.dr
C:\Documents and Settings\Propriétaire\Local Settings\Temp\c58e94d4.exe Infected: Trojan-Downloader.Win32.Swizzor.dh
C:\Documents and Settings\Propriétaire\Local Settings\Temp\c8fd2dd5.exe Infected: Trojan-Downloader.Win32.Swizzor.dh
C:\Documents and Settings\Propriétaire\Local Settings\Temp\d0d4c0fd.exe Infected: Trojan-Downloader.Win32.Swizzor.dj
C:\Documents and Settings\Propriétaire\Local Settings\Temp\f68d18fe.exe Infected: Trojan-Downloader.Win32.Swizzor.dj
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\OHENKHUJ\2_[1].htm Infected: Exploit.VBS.Phel.cc
C:\falconxx.chm/on-line.exe Infected: Trojan.Win32.Dialer.by
C:\falconxx.chm Infected: Trojan.Win32.Dialer.by
C:\sext.chm/d_sext.exe Infected: Trojan.Win32.Dialer.by
C:\sext.chm Infected: Trojan.Win32.Dialer.by
C:\stasxx.chm/on-line.exe Infected: Trojan.Win32.Dialer.ce
C:\stasxx.chm Infected: Trojan.Win32.Dialer.ce
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058235.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058236.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058239.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058243.exe Infected: Trojan-Downloader.Win32.Swizzor.dr
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058244.exe Infected: Trojan-Downloader.Win32.Swizzor.cb
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP560\A0058245.exe Infected: Trojan-Downloader.Win32.Swizzor.bo
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059576.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059578.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059582.exe Infected: Trojan-Downloader.Win32.Swizzor.de
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059586.exe Infected: Trojan-Downloader.Win32.Swizzor.bo
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059587.exe Infected: Trojan-Downloader.Win32.Swizzor.dv
C:\System Volume Information\_restore{02154015-BE0F-4EA2-9B01-6F19FB6A5D01}\RP569\A0059588.exe Infected: Trojan-Downloader.Win32.Swizzor.cb
C:\tony1.chm/d_tony1.exe Infected: Trojan.Win32.Dialer.by
C:\tony1.chm Infected: Trojan.Win32.Dialer.by
Scan process completed.
Autres pages sur : analyse hijackthis log kaspersky
Lassé par la pub ? Créez un compte
et bien pour te preciser la solution tu enleve deja tes fichiers de restauration anterieur infecte tu eradiques les psyware que tu possedes dans ton pc ainsi vides tes temps de internet explorer apres tu passes un ccleaner puis ad aware ou un spybot et ensuite tu analyse avec ton pc ! Theoriquement tu les enleve si tu as un souci laisse un mess !
Panneau de configuration-> Ajout/suppression de programmes -> C2Media -> Désinstaller.
----
-Redémarre en mode sans échec (session administrateur si possible), (en tapotant F8 au démarrage).
-Assures-toi que tu as accès aux fichiers cachés.
-Explorateur windows->outils->options des dossiers->affichage
"Afficher les fichiers cachés"->coché
"Masquer les extensions.."->décoché
"Masquer les fichiers protégers du système"->décoché
-Supprimes manuellement les fichiers suivants: (en gras)
C:\coursinfo\Contributions\Merlet\Prog\TestTspinEditLabel\Psel.exe <-fichier
C:\Program Files\C2Media <-dossier
Vide ta corbeille.
----
-Redémarre en mode sans échec (session administrateur si possible), (en tapotant F8 au démarrage).
-Assures-toi que tu as accès aux fichiers cachés.
-Explorateur windows->outils->options des dossiers->affichage
"Afficher les fichiers cachés"->coché
"Masquer les extensions.."->décoché
"Masquer les fichiers protégers du système"->décoché
-Supprimes manuellement les fichiers suivants: (en gras)
C:\coursinfo\Contributions\Merlet\Prog\TestTspinEditLabel\Psel.exe <-fichier
C:\Program Files\C2Media <-dossier
Vide ta corbeille.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumAnalyse du fichier hijackthis log file
- ForumAnalyse log de hijackthis
- ForumAnalyse log hijackthis
- ForumHijackthis analyse de mon log svp
- ForumAnalyse d'un log hijackthis
- ForumAnalyse du log de hijackthis
- ForumAnalyse log of hijackthis
- ForumAnalyse de mon fichier log de hijackthis
- ForumLog hijackthis analyse
- ForumHijackthis aimerais une analyse de log.
- Voir plus
