Flashy dossier apparaît dans tous les flash drive je branche à mon pc ..
- albin
- Novice
- Inscription: Sep 19, 2007
- Messages: 28
- Loc: Philippines
- Status: Offline
Avril 5th, 2009, 5:37 pm
Voici le logfile.
J'espère que vous pourrez aider avec mon problème.
Edit My Registry a été désactivé, ainsi que des mon gestionnaire de tâches.
Mon option de dossier dans panneau de disparaître aussi.
Je tente de résoudre ce problème en utilisant gpedit.msc mais je ne peux pas.
Je crois que cette Flashy.exe est l'une des raisons pour lesquelles j'ai ce problème dans mon pc.
Merci beaucoup d'avance!
Logfile de HijackThis v1.99.1
Scan sauvé à 8:25:36 AM, le 4.6.2009
Plate-forme: Windows XP SP2 (WinNT 5.01. 2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Bonjour \ mDNSResponder. exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ VTtrayp.exe
C: \ WINDOWS \ system32 \ VTTimer.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ OEAddOn.exe
C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ ZangoSA.exe
C: \ WINDOWS \ system32 \ Flashy.exe
C: \ WINDOWS \ system32 \ drivers \ svchost.exe
C: \ Program Files \ Mozilla Firefox \ firefox. exe
C: \ Program Files \ HijackThis \ HijackThis. exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://g.msn.com/0SEENUS/SAOS11
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://search.orbitdownloader.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyOverride = *. local
F2 - REG: system.ini: Userinit = userinit.exe, password_viewer.exe
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 5.0 \ Reader \ ActiveX \ AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6. 0_03 \ bin \ ssv.dll
O2 - BHO: (no name) - (89BAF38F-4097-4577-A368-CB56DD136717) - (no file)
O2 - BHO: Zango - (90B8B761-DF2B-48AC-BBE0-BCC03A819B3B) - C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ HostIE.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 5.1.1309.3572 \ swg.dll
O3 - Toolbar: Zango - (90B8B761-DF2B-48AC-BBE0-BCC03A819B3B) - C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ HostIE.dll
O4 - HKLM \ .. \ Run: [VTTrayp] VTtrayp.exe
O4 - HKLM \ .. \ Run: [VTTimer] VTTimer.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [ZangoOE] C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [ZangoSA] "C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ ZangoSA.exe"
O4 - HKLM \ .. \ Run: [Flashy Bot] C: \ WINDOWS \ system32 \ Flashy.exe
O4 - HKCU \ .. \ Run: [SVCHOST.exe] C: \ WINDOWS \ system32 \ drivers \ svchost.exe
O4 - Startup: systemID.pif =?
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv. dll
O9 - Extra button: (no name) - (53F6FCCD-9E22-4d71-86EA-6E43136192AB) - (no file)
O9 - Extra button: (no name) - (925DAB62-F9AC-4221-806A-057BFB1014AA) - (no file)
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra button: SpeechExpert - (9963BBF2-4056-4899-87FA-ECAA6724C46F) - C: \ WINDOWS \ system32 \ shdocvw.dll (HKCU)
O9 - Extra "Outils" menuitem: & SpeechExpert - (9963BBF2-4056-4899-87FA-ECAA6724C46F) - C: \ WINDOWS \ system32 \ shdocvw.dll (HKCU)
O10 - Unknown file dans Winsock LSP: c: \ program files \ bonjour \ mdnsnsp.dll
O12 - Plugin for. Pdf: C: \ Program Files \ Internet Explorer \ PLUGINS \ nppdf32.dll
O12 - Plugin for. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox. dll
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (AF7D214D-18FD-4743-9EDB-846ED0C40EFE): NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (BB594E8E-4BAC-43DB-8ED4-00FFB7CD25B0): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: NameServer = 85.255.114.93 85.255.112. 235
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ .. \ (8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CS2 \ Services \ Tcpip \ Parameters: NameServer = 85.255.114.93 85.255.112.235
O17 - HKLM \ System \ CS2 \ Services \ Tcpip \ .. \ (8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: NameServer = 85.255.114.93 85.255.112.235
O20 - Winlogon Notify: winbue32 - winbue32. dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc. exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe
J'espère que vous pourrez aider avec mon problème.
Edit My Registry a été désactivé, ainsi que des mon gestionnaire de tâches.
Mon option de dossier dans panneau de disparaître aussi.
Je tente de résoudre ce problème en utilisant gpedit.msc mais je ne peux pas.
Je crois que cette Flashy.exe est l'une des raisons pour lesquelles j'ai ce problème dans mon pc.
Merci beaucoup d'avance!
Logfile de HijackThis v1.99.1
Scan sauvé à 8:25:36 AM, le 4.6.2009
Plate-forme: Windows XP SP2 (WinNT 5.01. 2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Bonjour \ mDNSResponder. exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ VTtrayp.exe
C: \ WINDOWS \ system32 \ VTTimer.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ OEAddOn.exe
C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ ZangoSA.exe
C: \ WINDOWS \ system32 \ Flashy.exe
C: \ WINDOWS \ system32 \ drivers \ svchost.exe
C: \ Program Files \ Mozilla Firefox \ firefox. exe
C: \ Program Files \ HijackThis \ HijackThis. exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://g.msn.com/0SEENUS/SAOS11
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://search.orbitdownloader.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyOverride = *. local
F2 - REG: system.ini: Userinit = userinit.exe, password_viewer.exe
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 5.0 \ Reader \ ActiveX \ AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6. 0_03 \ bin \ ssv.dll
O2 - BHO: (no name) - (89BAF38F-4097-4577-A368-CB56DD136717) - (no file)
O2 - BHO: Zango - (90B8B761-DF2B-48AC-BBE0-BCC03A819B3B) - C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ HostIE.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 5.1.1309.3572 \ swg.dll
O3 - Toolbar: Zango - (90B8B761-DF2B-48AC-BBE0-BCC03A819B3B) - C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ HostIE.dll
O4 - HKLM \ .. \ Run: [VTTrayp] VTtrayp.exe
O4 - HKLM \ .. \ Run: [VTTimer] VTTimer.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [ZangoOE] C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ OEAddOn.exe
O4 - HKLM \ .. \ Run: [ZangoSA] "C: \ Program Files \ Zango \ bin \ 10.3.65.0 \ ZangoSA.exe"
O4 - HKLM \ .. \ Run: [Flashy Bot] C: \ WINDOWS \ system32 \ Flashy.exe
O4 - HKCU \ .. \ Run: [SVCHOST.exe] C: \ WINDOWS \ system32 \ drivers \ svchost.exe
O4 - Startup: systemID.pif =?
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv. dll
O9 - Extra button: (no name) - (53F6FCCD-9E22-4d71-86EA-6E43136192AB) - (no file)
O9 - Extra button: (no name) - (925DAB62-F9AC-4221-806A-057BFB1014AA) - (no file)
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra button: SpeechExpert - (9963BBF2-4056-4899-87FA-ECAA6724C46F) - C: \ WINDOWS \ system32 \ shdocvw.dll (HKCU)
O9 - Extra "Outils" menuitem: & SpeechExpert - (9963BBF2-4056-4899-87FA-ECAA6724C46F) - C: \ WINDOWS \ system32 \ shdocvw.dll (HKCU)
O10 - Unknown file dans Winsock LSP: c: \ program files \ bonjour \ mdnsnsp.dll
O12 - Plugin for. Pdf: C: \ Program Files \ Internet Explorer \ PLUGINS \ nppdf32.dll
O12 - Plugin for. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox. dll
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (AF7D214D-18FD-4743-9EDB-846ED0C40EFE): NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (BB594E8E-4BAC-43DB-8ED4-00FFB7CD25B0): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: NameServer = 85.255.114.93 85.255.112. 235
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ .. \ (8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CS2 \ Services \ Tcpip \ Parameters: NameServer = 85.255.114.93 85.255.112.235
O17 - HKLM \ System \ CS2 \ Services \ Tcpip \ .. \ (8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C): NameServer = 85.255.114.93,85.255.112.235
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: NameServer = 85.255.114.93 85.255.112.235
O20 - Winlogon Notify: winbue32 - winbue32. dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc. exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe
- Anonymous
- Bot
- Inscription: 25 Feb 2008
- Messages: ?
- Loc: Ozzuland
- Status: Online
Avril 5th, 2009, 5:37 pm
- UPSGuy
- Lurker ಠ_ಠ
- Inscription: Juil 25, 2005
- Messages: 2735
- Loc: Nashville, TN
- Status: Offline
Avril 5th, 2009, 6:54 pm
Vous avez vous-même un virus:
http://www.greatis.com/appdata/d/f/flashy.exe.htm
http://www.greatis.com/appdata/d/f/flashy.exe.htm
I'd love to change the world, but they won't give me the source code.
Page 1 sur 1
Pour répondre à ce sujet, vous devez vous connecter ou vous enregistrer. Il est gratuit.
Afficher de l'information
- Total des messages de ce sujet: 2 messages
- Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 169 invités
- Vous ne pouvez pas poster de nouveaux sujets
- Vous ne pouvez pas répondre aux sujets
- Vous ne pouvez pas éditer vos messages
- Vous ne pouvez pas supprimer vos messages
- Vous ne pouvez pas joindre des fichiers
