Enlever des pub !
Utilisateur anonyme
-
J_O_J_O Messages postés 50 Date d'inscription Statut Membre Dernière intervention -
J_O_J_O Messages postés 50 Date d'inscription Statut Membre Dernière intervention -
Bonjour,J'aimerais connaitre un logiciel ou une manipulation a faire ... Qui enlève Des pub qui viennet me couper mon travaille sans cesse !!
Quand je joue en ligne sa me deconnecte e je suis obliger de les enlever
Sa commence a me saouler ... J'ai plein de pub qui arrive comment les enlever !! merci !!
Quand je joue en ligne sa me deconnecte e je suis obliger de les enlever
Sa commence a me saouler ... J'ai plein de pub qui arrive comment les enlever !! merci !!
Configuration: Windows XP Firefox 3.0.5
A voir également:
- Enlever des pub !
- Enlever pub youtube - Accueil - Streaming
- Pub par sms - Guide
- Enlever pub xiaomi ✓ - Forum Xiaomi
- Enlever le mode sécurisé - Guide
- Enlever liste déroulante excel - Guide
57 réponses
- 1
- 2
- 3
Suivant
Résumé de la discussion
Des utilisateurs cherchent un logiciel ou une manipulation pour supprimer les publicités intrusives qui interrompent le travail et provoquent des déconnexions en ligne, sous Windows XP et Firefox 3.0.5. Plusieurs réponses évoquent AD-Remover comme solution potentielle, avec téléchargement et installation, exécution et génération d’un rapport sauvegardé, puis instructions pour copier-coller les résultats, tandis que d’autres avis citent des actions de désinfection du système. Enfin, certaines réponses soulignent la nécessité d’évaluer la fiabilité des outils et rappellent les risques potentiels liés à l’installation d’un logiciel de désinfection, notamment les questions de compatibilité avec des applications de messagerie.
bonmjour
telecharge cela:util pour voir ce que peut etre l infection et agir ensuite.
http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
installe le normallement comme tout autre programme dans c/programme/...............
clique sur do a scan and save a logfile, tu obtiens un rapport que tu colles.
telecharge cela:util pour voir ce que peut etre l infection et agir ensuite.
http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
installe le normallement comme tout autre programme dans c/programme/...............
clique sur do a scan and save a logfile, tu obtiens un rapport que tu colles.
Salut lol fait ça stp : *Télécharges et installes le logiciel HijackThis de Merijn(prog de diagnostic !) :
*ici : http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
*Ouvre et click sur: "do you scan systeme and save log file" a la fin du scan poste le rapport ici :)
*ici : http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
*Ouvre et click sur: "do you scan systeme and save log file" a la fin du scan poste le rapport ici :)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Oui exact copie le et colle le =) Oui et non y'a des infos sur ton pc et non personnel ! [ Enfin peux être ton nom et prenom sa dépend comment ta nommée ta session et ton pc ] Mais ne tkt pas !
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:20, on 02/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {438eb570-d347-467d-8752-d4e2aef79348} - C:\WINDOWS\system32\vekopefu.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK] C:\Documents and Settings\All Users\Application Data\That Face Camp Shim\glue cast.exe
O4 - HKLM\..\Run: [tonezapima] Rundll32.exe "C:\WINDOWS\system32\nanemefu.dll",s
O4 - HKLM\..\Run: [CPM0f097f6a] Rundll32.exe "c:\windows\system32\divosewo.dll",a
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [PopReadme] C:\DOCUME~1\oem\APPLIC~1\TEAMTH~1\Delete Four.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [tonezapima] Rundll32.exe "C:\WINDOWS\system32\nanemefu.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\system32\melunule.dll c:\windows\system32\sawubiyi.dll c:\windows\system32\midevebi.dll C:\WINDOWS\system32\hifofiga.dll c:\windows\system32\divosewo.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\divosewo.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\divosewo.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
Scan saved at 19:39:20, on 02/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {438eb570-d347-467d-8752-d4e2aef79348} - C:\WINDOWS\system32\vekopefu.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK] C:\Documents and Settings\All Users\Application Data\That Face Camp Shim\glue cast.exe
O4 - HKLM\..\Run: [tonezapima] Rundll32.exe "C:\WINDOWS\system32\nanemefu.dll",s
O4 - HKLM\..\Run: [CPM0f097f6a] Rundll32.exe "c:\windows\system32\divosewo.dll",a
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [PopReadme] C:\DOCUME~1\oem\APPLIC~1\TEAMTH~1\Delete Four.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [tonezapima] Rundll32.exe "C:\WINDOWS\system32\nanemefu.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\system32\melunule.dll c:\windows\system32\sawubiyi.dll c:\windows\system32\midevebi.dll C:\WINDOWS\system32\hifofiga.dll c:\windows\system32\divosewo.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\divosewo.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\divosewo.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
Ta du Navipromo est Vundo comme infection =s Ont va virer tout ça :P commence par ça stp ::
Télécharge et installe Malwarebyte's Anti-Malware:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
*met le a jours !!
*redémarre en mode sans échec ! (tapote la touche f8 ou f5 au démarrage du pc et choisi ta session habituel)
*ouvre malwaresbyte's ! et scan avec (exécute un scan complet !)
*a la fin tout ce qui trouvera tu supprimera :)
*a la fin un rapport sera généré(bloc note s'ouvre) garde le et poste le ici
Comment reboot en mode sans échec ::: https://forums.cnetfrance.fr
Télécharge et installe Malwarebyte's Anti-Malware:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
*met le a jours !!
*redémarre en mode sans échec ! (tapote la touche f8 ou f5 au démarrage du pc et choisi ta session habituel)
*ouvre malwaresbyte's ! et scan avec (exécute un scan complet !)
*a la fin tout ce qui trouvera tu supprimera :)
*a la fin un rapport sera généré(bloc note s'ouvre) garde le et poste le ici
Comment reboot en mode sans échec ::: https://forums.cnetfrance.fr
Je les deja le logiciel pour le mettre en route j'appuis ou ? J'ai 2 boutons Soit : mbam ou mbamtrayctrl
Oulala euh désinstalle la version que ta Puis reprend celle que je t'es donné et à la fin de l'installation clique deux fois sur l'icône qui se sera crée sur le bureau [ bureau = font d'écran avec des icônes ]
Oui ! Si il date pas de l'année dernière [ trop bon la blague ^^ ] et que ton antivirus et à jour :) Mais essaye Mbam quand même --'
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1597
Windows 5.1.2600 Service Pack 3
02/01/2009 22:19:37
mbam-log-2009-01-02 (22-19-37).txt
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 149195
Temps écoulé: 1 hour(s), 36 minute(s), 55 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 31
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hifofiga.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yutununu.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vekopefu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nanemefu.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\divosewo.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{438eb570-d347-467d-8752-d4e2aef79348} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{438eb570-d347-467d-8752-d4e2aef79348} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{438eb570-d347-467d-8752-d4e2aef79348} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tonezapima (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm0f097f6a (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\hifofiga.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\hifofiga.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\hifofiga.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\divosewo.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\divosewo.dll -> Delete on reboot.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\nanemefu.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\divosewo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vekopefu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hifofiga.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yutununu.dll (Trojan.Vundo) -> Delete on reboot.
C:\ARKF.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\oem\Local Settings\Application Data\Mozilla\Firefox\Profiles\4miq6mo7.default\Cache\63F1AE75d01 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP508\A0182080.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP508\A0182081.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP508\A0182082.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP512\A0186203.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP512\A0186204.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186499.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186500.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186501.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186498.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0194811.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0194812.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0194813.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0200816.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0200818.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fipuyuko.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nominenu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kowewohe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vokafifu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vonowiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wobupobu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pozowaha.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mirupibe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rifedava.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rituvuza.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
Version de la base de données: 1597
Windows 5.1.2600 Service Pack 3
02/01/2009 22:19:37
mbam-log-2009-01-02 (22-19-37).txt
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 149195
Temps écoulé: 1 hour(s), 36 minute(s), 55 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 5
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 31
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\hifofiga.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yutununu.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vekopefu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nanemefu.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\divosewo.dll (Trojan.Vundo.H) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{438eb570-d347-467d-8752-d4e2aef79348} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{438eb570-d347-467d-8752-d4e2aef79348} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{438eb570-d347-467d-8752-d4e2aef79348} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tonezapima (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm0f097f6a (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\hifofiga.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\hifofiga.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\hifofiga.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\divosewo.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\divosewo.dll -> Delete on reboot.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\nanemefu.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\divosewo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\vekopefu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hifofiga.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\yutununu.dll (Trojan.Vundo) -> Delete on reboot.
C:\ARKF.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\oem\Local Settings\Application Data\Mozilla\Firefox\Profiles\4miq6mo7.default\Cache\63F1AE75d01 (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP508\A0182080.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP508\A0182081.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP508\A0182082.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP512\A0186203.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP512\A0186204.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186499.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186500.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186501.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP513\A0186498.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0194811.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0194812.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0194813.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0200816.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A169DCC0-1F7F-402E-AECE-5088C45E0AC6}\RP514\A0200818.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fipuyuko.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nominenu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kowewohe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vokafifu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vonowiya.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wobupobu.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pozowaha.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mirupibe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rifedava.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rituvuza.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
- 1
- 2
- 3
Suivant
