Infection win32 crypt

louloun -  
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
suite a un telechargement mon pc est infecter par win32 crypt (scan davast ).il lance automatiquement mon disque dur externe ou le déconnecte ce qui bloque tous mes telechargement en cour,g lancer un scan d'hijack this et voici le rapport.
que doi je faire.merci de votre aide



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:13:37, on 30/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ServoApp.exe
C:\Program Files\MFP Server\App\Common\MFPAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [KASP] "C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\OESpamTest.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe -CheckAutoRun
O4 - HKLM\..\Run: [Server Application] C:\WINDOWS\system32\ServoApp.exe
O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\WINDOWS\TEMP\E_S65.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\WINDOWS\TEMP\E_S71.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www8.hp.com/fr/fr/home.html
O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://madlouloun.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.photoweb.fr/moncompte/Account/LogOn?ReturnUrl=%2ftransfert
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-bbb5b33baadc158c.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
A voir également:

13 réponses

Réponse 1 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt

sur un ordi un seul antivirus:

vire avast et garde kaspersky

pour virer avast:

https://www.avast.com/fr-fr/uninstall-utility


_____________________

branche ton disque externe et tes clés usb

puis

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
0
louloun
 
salut merci d'avoir repondu
je nai qu'un seul texte qui c'est ouvert le voici


Logfile of random's system information tool 1.06 (written by random/random)
Run by compaqy at 2009-03-30 13:55:24
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 14 GB (36%) free of 38 GB
Total RAM: 382 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:55:26, on 30/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ServoApp.exe
C:\Program Files\MFP Server\App\Common\MFPAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\compaqy\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\compaqy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [KASP] "C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\OESpamTest.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MFP Manager] C:\Program Files\MFP Server\MFPAgent.exe -CheckAutoRun
O4 - HKLM\..\Run: [Server Application] C:\WINDOWS\system32\ServoApp.exe
O4 - HKLM\..\Run: [GDI Manager] "C:\Program Files\MFP Server\App\Common\MFPAgent.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\WINDOWS\TEMP\E_S65.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\WINDOWS\TEMP\E_S71.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://madlouloun.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.photoweb.fr/telechargement/telechargement-photoweb.cab
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www4.photoweb.fr/telechargement/Photoweb_uploader.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-bbb5b33baadc158c.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
0
Réponse 2 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
tu as gardé avast ou kaspersky?

_________________


Télécharge RavAntivirus d'Evosla :
http://ww25.evosla.com/compteur.php?soft=rav_antivirus

# Si tu as une clé USB, disque dur externe, etc, branche-les sans les ouvrir avant de lancer ce FIX
# Fais un clic droit sur le fichier .ZIP > Extraire sur > le Bureau
# Doucle-clique sur >> RAV.exe << afin de lancer l'outil.
# Une fois RAV ANTIVIRUS lancé, laisse-le réagir , il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
# Si infection > un log s'établira, sinon le soft affichera (très rapide) ==>Votre Ordinateur est sain .
# Retire tes disques amovibles et redémarrez votre ordinateur.
# Poste le rapport, si infection!

2/ Télécharge sur le bureau Flash Disinfector (de SUBS) à cette adresse : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

Double-clique sur l’icône.
Les icônes vont disparaître. C’est normal.
Si un rapport est généré en cas d'infection, sauvegarde-le sur le bureau, et poste le ensuite
Redémarre ensuite le PC.

_________________


scan avec malwarebyte , fais un scan rapide et colle le rapport obtenu et vire ce qui est trouvé:


https://www.malekal.com/tutoriel-malwarebyte-anti-malware/­


__________________

colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr
0
louloun
 
g garder avast

je vai faire ce que tu mindique
vu que je suis pas une pro peu tu me dire si je nai pas dinfection apres la premiere etape faut il que je fasse la seconde?
0
Réponse 3 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
fais la suite et on saura ce qu'il en est exactement

a plus
0
louloun
 
dac
rav indique que mon pc est sain
parcontre le second lien que tu ma donner na pa valide
0
Réponse 4 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok fais la suite alors
0
louloun
 
voici le rapport de malwarebytes avnt que je supprime ce qui avait ete trouver
Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1918
Windows 5.1.2600 Service Pack 3

30/03/2009 18:25:30
mbam-log-2009-03-30 (18-25-06).txt

Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 149975
Temps écoulé: 1 hour(s), 32 minute(s), 18 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> No action taken.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)




et voici le rapport une foi les element supprimé
Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1918
Windows 5.1.2600 Service Pack 3

30/03/2009 18:25:30
mbam-log-2009-03-30 (18-25-06).txt

Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 149975
Temps écoulé: 1 hour(s), 32 minute(s), 18 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> No action taken.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)



je fai la suite
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
il fallait virer ce qui a été trouvé par malwarbeyte
0
louloun
 
comment je fait?
0
Réponse 6 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
tu regarde le manuel

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
louloun
 
c bon c'est ce ke jai fai
je sui en train de faire le scan en ligne
0
Réponse 7 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok
a plus
0
louloun
 
me revoila g lancer le scan en ligne de pandaactiv scan,pendant mon absence,la page ki safiche me di simplement ke je sui infecter
Que doije faire maintenant?

merci
0
Réponse 8 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
il faudrait le rapport pour voir les fichiers infectés et les virer gratos ...
0
louloun
 
je vai relancer un scan pour voir si il y a un rapport.
sur la page ou il etait indiquer ke mon ordi etai infecter je pouvai le faire desinfecter gratuit par leur outil
je me sert de celui la?
0
Réponse 9 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
oui si c'est grtuit tu peux faire

mais il me faudrait le rapport pour voir que faire
0
louloun
 
ok ben le scan est lancer
mais o depart avec panda, jme sui tromper et g lancer un scan rapide a la fin il etai indiquer ke j'etai infecter mai il mon pas aficher de rapport!
avec le scan minutieux est tu sur kil y en a un?
0
Réponse 10 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
avec le scan minutieux est tu sur kil y en a un?

oui
0
louloun
 
voici le rapport de scan (scan en ligne panda activscan)


;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-04-03 22:35:30
PROTECTIONS: 1
MALWARE: 33
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
avast! antivirus 4.7.1098 [VPS 090402-1] 4.7.1098 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.casalemedia.com/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@doubleclick[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@atdmt[3].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@tradedoubler[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.tradedoubler.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.247realmedia.com/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.fastclick.net/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.mediaplex.com/]
00145792 Cookie/SexList TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.sexlist.com/]
00145792 Cookie/SexList TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.sexlist.com/]
00145792 Cookie/SexList TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.sexlist.com/]
00145792 Cookie/SexList TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.sexlist.com/]
00145792 Cookie/SexList TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.sexlist.com/]
00145792 Cookie/SexList TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.sexlist.com/]
00147806 Cookie/7search TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.7search.com/]
00147806 Cookie/7search TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.7search.com/]
00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.revenue.net/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.xiti.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.xiti.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@xiti[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.statcounter.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[ad.yieldmanager.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.apmebf.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.bs.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.bs.serving-sys.com/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@weborama[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.weborama.fr/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adtech.de/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adtech.de/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.adtech.de/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adtech.de/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adtech.de/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[fl01.ct2.comclick.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.advertising.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.overture.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.zedo.com/]
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Cookies\compaqy@bluestreak[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.bluestreak.com/]
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.bluestreak.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.adrevolver.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.adultfriendfinder.com/]
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[searchportal.information.com/]
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adviva.net/]
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.adviva.net/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Cookies\greg@smartadserver[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\compaqy\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\cookies.txt[.smartadserver.com/]
00294875 Adware/SaveNow Adware No 0 Yes No C:\Program Files\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}\chrome\whenu_ff.jar[content/overlay.js]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\compaqy\Bureau\Flash_Disinfector.exe[C:\Documents and Settings\compaqy\Bureau\Flash_Disinfector.exe][nircmd.exe]
00620810 Adware/MediaAdvantage Adware No 0 Yes No C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}\components\MeMedia_FF.dll
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\greg\Application Data\Mozilla\Firefox\Profiles\k3uolk5o.default\cookies.txt[.enhance.com/]
02861976 Trj/Agent.HEH Virus/Trojan No 1 Yes No C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNFix\msnchk.exe
02861976 Trj/Agent.HEH Virus/Trojan No 1 Yes No C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNFix\incl\msnchk.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location Z
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description Z
;===================================================================================================================================================================================
;===================================================================================================================================================================================



pour ce ki est du virus trojan des deux derniere ligne je men etai debarasser il y a deja 2ans et je nai plus de pb avec.

est ce ke je lance la desinfection gratuite?
0
Réponse 11 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
télécharge OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe (de Old_Timer) sur ton Bureau.

double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste instruction for items to be moved.
(attention bien mettre :files)

:files
C:\Program Files\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}\ch­rome\whenu_ff.jar
C:\Documents and Settings\compaqy\Bureau\Flash_Disinfector.exe[C:\Documents and Settings\compaqy\Bureau\Flash_Disinfector.exe
C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}\co­mponents\MeMedia_FF.dll
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNFix\msnchk.exe
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNFix
:commands
[purity]
[emptytemp]
[start explorer]


clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.


_________________


utilise pour supprimer tes traces

CCLEANER: (lance un nettoyage et répare 3 fois le registre) sans installer la barre yahoo
(dans les options puis avancé :désactive la case: effacer les fichiers de plus de 48 heures)
https://www.malekal.com/tutoriel-ccleaner/
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-----------------------


Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
_________________

encore des soucis???
0
louloun
 
voici le rapport


========== FILES ==========
File/Folder C:\Program Files\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}\ch­­rome\whenu_ff.jar not found.
File/Folder C:\Documents and Settings\compaqy\Bureau\Flash_Disinfector.exe[C:\Documents and Settings\compaqy\Bureau\Flash_Disinfector.exe not found.
File/Folder C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}\co­­mponents\MeMedia_FF.dll not found.
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNFix\msnchk.exe moved successfully.
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNFix\incl moved successfully.
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNFix moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\compaqy\LOCALS~1\Temp\ee366d2b2e4ede8287de879e85a0dcc2PSK_PLUGINS_0 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\compaqy\LOCALS~1\Temp\Perflib_Perfdata_fd0.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\compaqy\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5f0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\84841B91d01 scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04032009_225208

Files moved on Reboot...
C:\DOCUME~1\compaqy\LOCALS~1\Temp\ee366d2b2e4ede8287de879e85a0dcc2PSK_PLUGINS_0 moved successfully.
File C:\DOCUME~1\compaqy\LOCALS~1\Temp\Perflib_Perfdata_fd0.dat not found!
C:\WINDOWS\temp\_avast4_\Webshlock.txt moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_5f0.dat moved successfully.
C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\84841B91d01 moved successfully.
C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\compaqy\Local Settings\Application Data\Mozilla\Firefox\Profiles\pj2lvnkm.default\XUL.mfl moved successfully.



je vai faire la suite
0
louloun > louloun
 
et voici le dernier rapport :

[ Rapport ToolsCleaner version 2.3.3 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\MsnCleaner.txt: trouvé !
C:\HijackThis: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\compaqy\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\compaqy\Bureau\Rsit.exe: trouvé !
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNCleaner.exe: trouvé !
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\rapport hijack\hijackthis.log: trouvé !
C:\Documents and Settings\compaqy\Mes documents\HijackThis.exe: trouvé !
C:\hijackthis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !
C:\_OTMoveIt\MovedFiles\04032009_225208\Documents and Settings\compaqy\Bureau\r\nettoyage\MsnFix: trouvé !

---------------------------------
--> Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\MSNCleaner.exe: supprimé !
C:\Documents and Settings\compaqy\Mes documents\HijackThis.exe: supprimé !
C:\hijackthis\HijackThis.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\MsnCleaner.txt: supprimé !
C:\Documents and Settings\compaqy\Bureau\OTMoveIt3.exe: supprimé !
C:\Documents and Settings\compaqy\Bureau\Rsit.exe: supprimé !
C:\Documents and Settings\compaqy\Bureau\r\nettoyage\rapport hijack\hijackthis.log: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\HijackThis: supprimé !
C:\_OtMoveIt: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !





il me semble kil ny a plus de probleme,

mon disque dur extern tourne normalement


merci pour ton aide.
pour garder mon pc sain peu tu mindiquer quelque conseil(logiciel nettoyant ...)ou fau til ke je créer une nouvel discution?



merci encore
0
louloun
 
derniere question est ce ke je peu effacer tou ce ke g telecharger pour la desinfection?

merci
0
Réponse 12 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
tool cleaner a viré ce qui a été utilisé


___________________





pour protéger gratos ton ordi
http://www.commentcamarche.net/telecharger/logiciel 4 securite

mettre un antivirus

ANTIVIR ou ((AVAST)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
MALWAREBYTE ANTIMALWARE + SPYBOT
+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

--------
un pare feu :
(celui de Windows) ou mieux COMODO ou KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)

http://www.clubic.com/telecharger-fiche11071-sunbelt-persona­l-firewall-e(...)
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
https://www.commentcamarche.net/telecharger/ 157 zonealarm

-----------

CCLEANER pour effacer les traces de surf
0
lououn
 
merci pour tout je vai suivra tes conseil
0
Réponse 13 / 13
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok bonne suite
0

Discussions similaires

Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
Comment décrypter (ouvrir) un fichier .crypt14 Whatsapp
questionuser -
jordane45 -

5 réponses
win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
PUADlManager:Win32/OfferCore
tenmalade -
tenmalade -

2 réponses
Comment récupérer des fichiers crypt14 supprimes accident ?
CharlesIII -
Charlesiii -

4 réponses