/!\ ordi qui s'eteint tout seul ->infection plus que probable
Dernière réponse : dans Sécurité
Bonjour à tous!!!
Alors voila mon problème. Mon ordinateur s'éteint seul et ma session se déconnecte également seule.
Je suis persuadé d'être infecté par un ou plusieurs virus ou malware ( enfin par des merdes quoi ^^)
Alors voila quelqu'un pourrait m'aider a désinfecté mon PC s'il vous plait c'est assez urgent
Merci d'avance à toutes et à tous.
Alors voila mon problème. Mon ordinateur s'éteint seul et ma session se déconnecte également seule.
Je suis persuadé d'être infecté par un ou plusieurs virus ou malware ( enfin par des merdes quoi ^^)
Alors voila quelqu'un pourrait m'aider a désinfecté mon PC s'il vous plait c'est assez urgent
Merci d'avance à toutes et à tous.
Autres pages sur : ordi eteint seul infection probable
Lassé par la pub ? Créez un compte
Bonjour,
Faut que tu arrêtes de poster un sujet à chaque fois un message en disant que ton pc est lent ou autre... Parce que à chaque fois tu as la même réponse "ce n'est pas une infection"
On peut toujours vérifier...
Télécharge Hijackthis (de Trend Micro) sur ton Bureau.
Double clique sur HJTInstall.exe pour lancer l'installation.
Clique sur Install.
Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
Accepte la licence en cliquant sur Yes.
Clique sur Do a system scan and save a logfile.
Poste ici le rapport généré.
Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Aide : Comment utiliser HijackThis.
Faut que tu arrêtes de poster un sujet à chaque fois un message en disant que ton pc est lent ou autre... Parce que à chaque fois tu as la même réponse "ce n'est pas une infection"
On peut toujours vérifier...
Télécharge Hijackthis (de Trend Micro) sur ton Bureau.
Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Aide : Comment utiliser HijackThis.
Merci de t'interesser a mon probleme.
Voici mon log hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:20, on 07/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Ripp-it_AM\Ripp-it_AM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\RIPP-I~1\dlls\log.dll
C:\PROGRA~1\RIPP-I~1\vdubmod\virtualdubmod.exe
C:\Program Files\DivX\DivX Codec\divxsm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fearfm.nl/jumpstyle_hardstyle_radio/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Anthony/Bureau/Streamy/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LMDVox] C:\Program Files\Micro Application\Votre PC prend la parole\LMDVox.exe Lancement
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [9Giga Synchro] "C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe" /delayed
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8933 bytes
Voici mon log hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:20, on 07/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Ripp-it_AM\Ripp-it_AM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\RIPP-I~1\dlls\log.dll
C:\PROGRA~1\RIPP-I~1\vdubmod\virtualdubmod.exe
C:\Program Files\DivX\DivX Codec\divxsm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fearfm.nl/jumpstyle_hardstyle_radio/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Documents and Settings/Anthony/Bureau/Streamy/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\ASUS\ASUS Remote\RemoteControlAppl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LMDVox] C:\Program Files\Micro Application\Votre PC prend la parole\LMDVox.exe Lancement
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [9Giga Synchro] "C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe" /delayed
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 8933 bytes
C'est propre.
Télécharge Catchme (Przemyslaw Gmerek) sur ton Bureau.
Double clique sur catchme.exe (le .exe n'est pas forcément visible) afin de le lancer.
Lorsque la recherche sera terminée, poste le rapport catchme.log dans ta prochaine réponse. (Ce rapport est sur ton bureau.)
Télécharge Catchme (Przemyslaw Gmerek) sur ton Bureau.
voila le log de Catchme:
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-07 14:50:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{5C648FDB-0138-4619-B66E-230EF53E8E2C}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 735 bytes hidden from API
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{84DDE556-43EF-43ED-B2DF-37AF9E5DDD75}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 705 bytes hidden from API
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{EAA38532-7AD0-4F78-918A-4F4F02096ECE}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 720 bytes hidden from API
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{F248ADFA-64E0-4B03-8A83-059078BED6A0}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 675 bytes hidden from API
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 715 bytes hidden from API
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\9CC04CD3d01 24107 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\14D37E65d01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\3C004D47d01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\22D37E75d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B35Cd01 386349 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\0CC04D43d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B2DAd01 393933 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B2DCd01 394225 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B2DEd01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B346d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B348d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B34Ad01 1001874 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B34Cd01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B34Ed01 393745 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B356d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B358d01 393765 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B35Ad01 390128 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\34004D41d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\04C04D5Bd01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\93151816d01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\47604D52d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\4C004D4Bd01
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 27
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-07 14:50:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{5C648FDB-0138-4619-B66E-230EF53E8E2C}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 735 bytes hidden from API
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{84DDE556-43EF-43ED-B2DF-37AF9E5DDD75}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 705 bytes hidden from API
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{EAA38532-7AD0-4F78-918A-4F4F02096ECE}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 720 bytes hidden from API
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\GameExplorer\{F248ADFA-64E0-4B03-8A83-059078BED6A0}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 675 bytes hidden from API
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Windows\GameExplorer\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}\PlayTasks\1\Les Sims™ 2 : Boit@Look.lnk 715 bytes hidden from API
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\9CC04CD3d01 24107 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\14D37E65d01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\3C004D47d01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\22D37E75d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B35Cd01 386349 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\0CC04D43d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B2DAd01 393933 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B2DCd01 394225 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B2DEd01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B346d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B348d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B34Ad01 1001874 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B34Cd01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B34Ed01 393745 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B356d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B358d01 393765 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\17F8B35Ad01 390128 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\34004D41d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\04C04D5Bd01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\93151816d01 20689 bytes
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\47604D52d01
C:\Documents and Settings\Anthony\Local Settings\Application Data\Mozilla\Firefox\Profiles\bbtm8cyw.default\Cache\4C004D4Bd01
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 27
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumOrdi redemare tout seul infecte
- ForumOrdi eteint tout seul
- ForumOrdi s eteint tout seul
- ForumOrdi qui s eteint tout seul
- ForumMon ordi s eteint tout seul
- ForumMon ordi s eteint d un coup
- ForumVirus , l ordi s eteint souvent
- ForumOrdi qui reste allume eteint
- ForumLogiciel eteint ordi
- solutionsEcran bleu qui eteint mon ordi
- Voir plus
