Sujet Précédent Sujet Suivant

[virus] security toolbar

Résolu/Fermé
arno - 12 mai 2006 à 00:12
miguicrazy Messages postés 2 Date d'inscription samedi 16 février 2008 Statut Membre Dernière intervention 16 février 2008 - 16 févr. 2008 à 00:22
bonjour
quand j'ouvre une page explorer j'ai une barre qui n'existait pas avant: il y a 5 onglets: security toolbar, scan for spyware remove admare and popups, spam protection et security test.
Je pense que c'est un virus. Pouvez vous m'aider pour le supprimer.

Voici un log, merci de votre aide

Logfile of HijackThis v1.99.1
Scan saved at 00:14:12, on 12/05/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Nicolas\Mes documents\Sécu\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
A voir également:

17 réponses

Réponse 1 / 17
Utilisateur anonyme
12 mai 2006 à 08:39
Salut,
Relance HijackThis, choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked"

O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab


Clique sur demarrer, poste de travail, C:, program files, cherche et supprime ce dossier:

Security Toolbar


Fait ce nettoyage:

¤Telecharges et installes ceci, dans la colonne de gauche cliques sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs

CCleaner:
Ccleaner

¤Relance Ccleaner ,vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis cliques sur "lancer le nettoyage"


Installe ce pare-feu gratuit pour te proteger des attaques du net:

Kerio:
Pare-feu Kerio
-tutoriel: pour configurer et comprendre Kerio
https://www.vulgarisation-informatique.com/kerio.php


Puis:

Telecharge, installe puis mets à jour ce logiciel, une fois que c'est fait, fais un scan complet de ton systeme et colle le rapport ici avec un nouveau rapport hijackthis
Ewido:
Ewido Security Suite


A++
3
tonodu57
13 nov. 2007 à 20:47
Bonjour, voila G le mm souci et mon analyse hijackthis me donne le résultat suivant, ke dois-je faire??

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:43:50, on 13/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\aektfqxy.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\WINDOWS\sm56hlpr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\mrofinu1188.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Barre de confiance CM-CIC - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\azfcehpi.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S89.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [BestsellerAntivirus] C:\Program Files\BestsellerAntivirus\pgs.exe
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [e8c34cf4] rundll32.exe "C:\WINDOWS\system32\jcvbuduh.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0093CE4.dat
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\aektfqxy.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 2 / 17
kratos59
5 juil. 2007 à 12:04
Merci !! j'ai chercher pendantdes heurs mais j'ai rien trouver , mais grace a to 2 sec et voila , debarasser !
MERCI BEAUCOUPS !
0
Réponse 3 / 17
mesmos1 Messages postés 6 Date d'inscription samedi 28 juillet 2007 Statut Membre Dernière intervention 30 juillet 2007
28 juil. 2007 à 21:42
slt jai un probleme avec la barre de security toolbar 7.1 kelk1 pourai m'aider?? voici le rapport de hijackyhis:
Logfile of HijackThis v1.99.1
Scan saved at 19:41:32, on 29/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
C:\WIN\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WIN\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WIN\system32\HPZipm12.exe
C:\WIN\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Video ActiveX Access\iesmn.exe
C:\Program Files\Video ActiveX Access\imsmain.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\WIN\system32\igfxtray.exe
C:\WIN\system32\hkcmd.exe
C:\WIN\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WIN\system32\igfxsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WIN\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Video ActiveX Access\imsmn.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WIN\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Video ActiveX Access\iesmin.exe
C:\Program Files\Menara\dslmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WIN\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Menara
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {D61D7E1A-6613-49CA-B6F9-51DB248E209D} - C:\Program Files\Video ActiveX Access\iesplg.dll
O3 - Toolbar: Protection Bar - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - C:\Program Files\Video ActiveX Access\iesbpl.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WIN\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WIN\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WIN\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\Menara\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58CBE221-3407-4F87-886C-5C1DE3340557}: NameServer = 212.217.1.4 212.217.0.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{E585E80E-9964-4029-8BB2-4F78F78B2628}: NameServer = 212.217.0.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WIN\SYSTEM32\igfxdev.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WIN\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
0
Réponse 4 / 17
pierrot-jojo Messages postés 13 Date d'inscription mardi 21 août 2007 Statut Membre Dernière intervention 22 août 2007
21 août 2007 à 23:37
slt moi jene torue pas tout ce que tu dis etca ne marche pas trop vla mon rapport

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 23:14 2007-08-21

+ Résultat de l'analyse:



C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ip6fw.sys.vir -> Downloader.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{097765CF-F448-4F88-923A-442941BA2861}\RP64\A0041785.exe -> Downloader.DNA : Nettoyé et sauvegardé (mise en quarantaine).
C:\hhqvbxv.exe -> Hijacker.Costrat.be : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{097765CF-F448-4F88-923A-442941BA2861}\RP78\A0050097.exe -> Hijacker.StartPage.aop : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Pierre\Mes documents\Ad-Fix.zip/Ad-Fix/URL2FILE.EXE -> Not-A-Virus.Downloader.Win32.Url2File.a : Ignoré.
C:\System Volume Information\_restore{097765CF-F448-4F88-923A-442941BA2861}\RP94\A0074586.sys -> Rootkit.Agent.ey : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Caroline\Cookies\caroline@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.41:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@aoluk.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@livenation.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@viafrplayer.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@viamtvnvideo.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@msnportal.112.2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@sonyeurope.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@3.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.11:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.12:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.83:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.84:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.25:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.31:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Pierre\Cookies\pierre@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.69:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Pierre\Cookies\pierre@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@com[1].txt -> TrackingCookie.Com : Nettoyé.
:mozilla.23:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.24:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.25:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@bilbo.counted[2].txt -> TrackingCookie.Counted : Nettoyé.
:mozilla.11:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julien\Local Settings\Temp\Cookies\julien@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@e-2dj6wakiujcjido.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@e-2dj6wamycgczkcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@e-2dj6whmywlazgdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@e-2dj6wfk4updzigo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.46:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@www.etracker[1].txt -> TrackingCookie.Etracker : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@media.fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@ehg-youtube.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@ehg-edgebe.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@auto.search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@auto.search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@ie.search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@ie.search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.20:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.22:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@ads.planetactive[2].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@france.real[2].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@real[2].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@realmedia[1].txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Pauline\Local Settings\Temp\Cookies\pauline@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.57:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.57:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.58:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.58:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.59:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.59:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.52:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.53:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.54:C:\Documents and Settings\Pierre\Application Data\Mozilla\Firefox\Profiles\ab6v09c0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.85:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.86:C:\Documents and Settings\Pauline\Application Data\Mozilla\Firefox\Profiles\437twnr9.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Caroline\Cookies\caroline@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Mouki\Cookies\mouki@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Pauline\Cookies\pauline@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\julien\Cookies\julien@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Pierre\Mes documents\My Music\Shared\phone games p910i Bittorrent downloader\BitDownload fastets Bittorrent downloader.exe -> Trojan.Obfuscated.en : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\GOA\Gunbound\Shared\phone games p910i Bittorrent downloader.zip/BitDownload fastets Bittorrent downloader.exe -> Trojan.Obfuscated.en : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{097765CF-F448-4F88-923A-442941BA2861}\RP93\A0067422.exe -> Trojan.Obfuscated.en : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport

merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 17
nomadzica
27 août 2007 à 10:14
Bonjour

quand j'ouvre une page explorer j'ai une barre qui n'existait pas avant: Security toolbar 7.1
Je pense que c'est un virus. Pouvez vous m'aider pour le supprimer.
en plus j'ai une info bulle qui s'affiche dans la barre de tâche : system performance monitor : warning Security Alert Networm-i.Virus@fp
et bien d'autres aussi.
sur mon bureau y'a deux raccourcis : Life Safety Center et Online Security Guide. je ne trouve pas leur origine

J'ai fais une scan avec Avira Antivirus suivi d'un scan avec hijackthis

Voici les log, merci de votre aide

ntiVir PersonalEdition Classic
Report file date: lundi 27 août 2007 09:10

Scanning for 1033561 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: DELL
Computer name: ZOUBEIR

Version information:
BUILD.DAT : 247 14437 Bytes 10/05/2007 11:55:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 11:27:51
ANTIVIR2.VDF : 6.39.1.15 1451008 Bytes 17/08/2007 11:27:51
ANTIVIR3.VDF : 6.39.1.41 91136 Bytes 24/08/2007 11:27:51
AVEWIN32.DLL : 7.4.1.63 2724352 Bytes 24/08/2007 11:27:51
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 24/08/2007 11:27:52
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: lundi 27 août 2007 09:10

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
14 processes with 14 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'A:\'
[NOTE] In the drive 'A:\' no data medium is inserted!
Boot sector 'F:\'
[NOTE] In the drive 'F:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '11' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\ahr.exe~
[DETECTION] Contains signature of the worm WORM/Delf.CA
[INFO] The file was moved to '47448032.qua'!
C:\WINDOWS\system32\ddcdbyx.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4735804d.qua'!
C:\WINDOWS\system32\fccyaba.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '47358068.qua'!
C:\WINDOWS\system32\khfddby.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4738808f.qua'!
Begin scan in 'A:\'
Search path A:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'D:\'
Search path D:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: lundi 27 août 2007 09:43
Used time: 32:52 min

The scan has been done completely.

4343 Scanning directories
178535 Files were scanned
4 viruses and/or unwanted programs were found
0 classified as suspicious:
0 files were deleted
0 files were repaired
4 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
178531 Files not concerned
2764 Archives were scanned
1 Warnings
0 Notes
0 Hidden objects were found

__________________________


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:49:27, on 27/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ukkwkmhu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ukkwkmhu.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - https://www.worldwinner.com/frontend_404.shtml
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ukkwkmhu - C:\WINDOWS\SYSTEM32\ukkwkmhu.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 6 / 17
lougikat Messages postés 10 Date d'inscription samedi 6 octobre 2007 Statut Membre Dernière intervention 26 août 2009
10 oct. 2007 à 03:02
les boutons et les couleurs ont tous réapparu

je crois qu'il y a une lenteur de je ne sais pas pourquoi????????
0
Réponse 7 / 17
lougikat Messages postés 10 Date d'inscription samedi 6 octobre 2007 Statut Membre Dernière intervention 26 août 2009
10 oct. 2007 à 14:19
JE N'AVAIS PAS VU QUE TU VOULAIS LE RAPPORT DE l'option 2
comment je vais le rechercher svp

et qu'est-ce que la case blanche
0
Réponse 8 / 17
lougikat Messages postés 10 Date d'inscription samedi 6 octobre 2007 Statut Membre Dernière intervention 26 août 2009
10 oct. 2007 à 14:30
voici le rapport qui je crois est ce que tu veux voir mais pour la case blanche ,veux-tu dire le x en haut à droite, icone de fermeture de boite dialogue



SmitFraudFix v2.239

Rapport fait à 20:26:55,34, 2007-10-09
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\system32\regmod.exe supprimé

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{8FC86865-78DC-4EF8-8AC6-A3AD9E6F9CCA}: DhcpNameServer=192.168.2.1 192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{8FC86865-78DC-4EF8-8AC6-A3AD9E6F9CCA}: DhcpNameServer=192.168.2.1 192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{8FC86865-78DC-4EF8-8AC6-A3AD9E6F9CCA}: DhcpNameServer=192.168.2.1 192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1 192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1 192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1 192.168.2.1


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 9 / 17
lougikat Messages postés 10 Date d'inscription samedi 6 octobre 2007 Statut Membre Dernière intervention 26 août 2009
15 oct. 2007 à 16:38
je n'ai plus de nouvelle
est-ce terminé
est-ce ok
0
Réponse 10 / 17
fx
16 oct. 2007 à 17:19
Bonjour,

J'ai le meme problème

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:35, on 16/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LOGICIEL\COMPRESSION\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\LOGICIEL\MULTIMEDIA\Adobe Pro\Distillr\acrotray.exe
C:\Program Files\LOGICIEL\MULTIMEDIA\DSC-T50\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Documents and Settings\FX_surfer\Bureau\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\LOGICIEL\MULTIMEDIA\Adobe Pro\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\uxgfjbnn.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\LOGICIEL\MULTIMEDIA\Adobe Pro\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\LOGICIEL\MULTIMEDIA\Adobe Pro\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\uxgfjbnn.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\LOGICIEL\MULTIMEDIA\DSC-T50\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\LOGICIEL\MULTIMEDIA\Adobe Pro\Distillr\acrotray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\LOGICIEL\MULTIM~1\Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\LOGICIEL\MULTIM~1\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/in ... er_gmn.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://fxsurfer.spaces.live.com//PhotoU ... nPUpld.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://photoways.com/clients/uploader_v2.2.0.6.cab
O20 - Winlogon Notify: uxgfjbnn - C:\WINDOWS\SYSTEM32\uxgfjbnn.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: License Management Service ESD - element5 - C:\Program Files\Fichiers communs\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\LOGICIEL\COMPRESSION\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 11 / 17
latitebelge
20 oct. 2007 à 17:04
Bonjour, j'ai le même problème que tout le monde, voici mon log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54:17, on 20/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files2\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files2\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
D:\Program Files2\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
D:\Program Files2\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\igfxpers.exe
D:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ojebaahi.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
O4 - HKLM\..\Run: [KASP] "C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\OESpamTest.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\wxjyhkym.dll",sitypnow
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://latitebelge-amoureuse.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://latitebelge-amoureuse.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files2\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files2\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files2\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files2\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
0
Réponse 12 / 17
Micky
21 oct. 2007 à 18:41
Bonjour,
j ai le meme probléme que tout le monde voici le rapport Hijackthis, que dois faire ?
Logfile of HijackThis v1.99.1
Scan saved at 18:35:37, on 21/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\WANADOO\TaskBarIcon.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Telecharger\anti\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.asus.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\nhysgopb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\wobymmko.dll",sitypnow
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} (StreamPlug Class) - http://www.streamplug.com/StreamPlug/SP.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3326151B-BB71-4335-ABFB-18DF719BD0EE}: NameServer = 192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
0
Réponse 13 / 17
sandycool
14 nov. 2007 à 19:41
Bonjour,
j ai egalement le meme probleme!!
security tollbars s est installe et depuis...c est la cata!
aidez moi svp!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:34:06, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\neuf telecom\neuf Box\Wizard\Agent_WiFi.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Club-Internet\Le Compagnon Club\bin\mpbtn.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\jbcnggngd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\antivirus\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\ACER\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\foalacdo.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Workflow] D:\install\Workflow.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\CLUB-I~1\LECOMP~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2.1\McciTrayApp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [320d18a1] rundll32.exe "C:\WINDOWS\system32\rysmoyfo.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [jbcnggngd] c:\windows\system32\jbcnggngd.exe jbcnggngd
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [TVAgent WiFi] C:\Program Files\neuf telecom\neuf Box\Wizard\Agent_WiFi.exe
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O4 - Global Startup: LE COMPAGNON CLUB.lnk = C:\Program Files\Club-Internet\Le Compagnon Club\bin\matcli.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{98B6A124-9610-41FC-A6D4-BD71C0748E70}: NameServer = 85.255.116.42,85.255.112.135
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c007364.dat
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\clnygtdu.exe
O23 - Service: ewido security suite control - Unknown owner - C:\Program Files\ewido anti-malware\ewidoctrl.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Syntek DC-112X Service (StkSSrv) - Unknown owner - C:\WINDOWS\System32\StkSrv2K.exe (file missing)
0
Réponse 14 / 17
paco
17 nov. 2007 à 10:08
j'ai le même probleme mais je n'ai rien ds program file qui s'appele security toolbar
0
Réponse 15 / 17
paco
22 nov. 2007 à 20:46
Bonjour,
j'ai le mém probleme toolbar7.1 que faire merci
0
Réponse 16 / 17
nouria94
15 févr. 2008 à 16:41
bonjour


alor moi jai un probleme avec les publicité je narrive pas a les bloquer ,quand jouvre internet explorer il ya plein de pub qui apparaissent
et a force sa me soul jai des pib de anti spawer etc... qui vienne tout le temp
je c pas koi faire aider moi svp
0
Réponse 17 / 17
miguicrazy Messages postés 2 Date d'inscription samedi 16 février 2008 Statut Membre Dernière intervention 16 février 2008
16 févr. 2008 à 00:22
MOI AUSSI JAI SE PROBLEMME ALORS JAI FAIT CE QUE AVEZ DIT ET SA DONNER SA





Search Navipromo version 3.4.5 commencé le 2008/02/15 à 17:54:06.67

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 11.02.2008 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\MENACE\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\MENACE\locals~1\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\MENACE\MENUDM~1\PROGRA~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\MENACE\locals~1\applic~1" *



*** Recherche fichiers ***




*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :


* Dans "C:\Documents and Settings\MENACE\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !

4)Recherche fichiers connus :



*** Analyse terminée le 2008/02/15 à 18:05:08.81 ***





ALORS AIDER MOI S.V.P. BESOIN URGENT
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Boîte mail piratée ?
mike the llama -
mike the llama -

4 réponses
Code de réinitialisation mdp facebook sans le demander
Colonel_El_Moustachat -
Colonel_El_Moustachat -

4 réponses
Security boot fail lors du démarrage
Steu -
NBK -

4 réponses
Analyse de l'appli "AI SECURITY"
cl06 -
CCMBot -

1 réponse