Sujet Précédent Sujet Suivant

PC lent

Toggreb Messages postés 218 Statut Membre -  
Toggreb Messages postés 218 Statut Membre -
Bonjour,
mon ordi deviens lent et j'ai des fenetres de pub qui s'ouvrent de temps en temps.Virus?
Je post un rapport hijack.Quelqu'un pourrait-il jeter un oeil?Merci!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47:52, on 30/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\fred\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\fred\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
A voir également:

65 réponses

Réponse 1 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Télécharge GenProc sur ton bureau

Double-clique sur GenProc.exe

et poste le contenu du rapport qui s'ouvre

Voir comment utiliser GenProc

Pour ceux qui ont Vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs

IMPORTANT : poste le rapport et ne fais rien d'autre pour l'instant ( souvent il faut ajouter des consignes à la manipe indiquée pour que cela fonctionne parfaitement )

1
Réponse 2 / 65
Toggreb Messages postés 218 Statut Membre 2
 
J'ai enlevé le compte d'utilisateur,je post le rapport demandé

Rapport GenProc 2.514 [2] - 04/04/2009 à 23:52:25 - Windows Vista

# Etape 1/ Télécharge :

- Toolbar-S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2 (Team IDN) sur ton Bureau.

Redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** fred *** (pour retrouver le rapport, clique sur le raccourci "Rapport GenProc[2]" sur ton bureau).

# Etape 2/

Lance Toolbar-S&D situé sur le Bureau.
Tape sur "2" puis valide en appuyant sur "Entrée". Ne ferme pas la fenêtre lors de la suppression.

# Etape 3/

Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

# Etape 4/

Redémarre normalement et poste, dans la même réponse :

- Le contenu du rapport C:\TB.txt ;
- Un nouveau rapport HijackThis http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ;

Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------

~~ Arguments de la procédure ~~

# Détections [1] GenProc 2.514 04/04/2009 à 23:40:39
Toolbar:le 04/04/2009 à 23:41:03 "C:\Windows\System32\b4fm.dll"

# Détections [2] GenProc 2.514 04/04/2009 à 23:50:42
Toolbar:le 04/04/2009 à 23:51:05 "C:\Windows\System32\b4fm.dll"
0
Réponse 3 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
ok tu peux déjà suivre le procédure Genproc étape par étape et me poster les rapports, je te dis à demain.
0
Réponse 4 / 65
Toggreb Messages postés 218 Statut Membre 2
 
Ok,je me met au travail

A dem!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 65
Toggreb Messages postés 218 Statut Membre 2
 
C'est compliqué tout ca!
0
Réponse 6 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
non là tu en as qu'un à faire parfois il y en a 3 ou 4. à demain.
0
Réponse 7 / 65
Toggreb Messages postés 218 Statut Membre 2
 
Voilà,j'ai fait la procédure.Je post les 2 rapports(C:\TB.txt+nouveau rapport Hijack)

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-56 )
BIOS : Version 1.0
USER : fred ( Administrator )
BOOT : Fail-safe boot
Antivirus : Kaspersky Anti-Virus 8.0.0.506 (Activated)
C:\ (Local Disk) - NTFS - Total:141 Go (Free:72 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 05/04/2009| 1:06 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Windows\System32\b4fm.dll

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.01net.com/telecharger/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\fred\Documents\My Games\Age of Empires 3\Data\uipersonastats1-crackum.xml
C:\Users\fred\Documents\My Games\Age of Empires 3\Data\uipersonastats1-isaaccrack1.xml
C:\Users\fred\Documents\My Games\Age of Empires 3\Data\uipersonastats2-crackum.xml
C:\Users\fred\Documents\My Games\Age of Empires 3\Data\uipersonastats2-isaaccrack1.xml

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 05/04/2009| 0:16 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 05/04/2009| 1:07 - Option : [2]

-----------\\ Fin du rapport a 1:07:29,61

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:47:52, on 30/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\fred\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\fred\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
0
Réponse 8 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Ok maintenant fais ceci :

Télécharge malwarebytes

NB : S'il te manque COMCTL32.OCX alors télécharge le ici

Tu l´installe; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; clic sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".

Clic maintenant sur l´onglet recherche et coche la case : "exécuter un examen complet".

Puis clic sur "rechercher".

Laisse le scanner le pc...

Si des éléments on été trouvés > clic sur supprimer la selection.

si il t´es demandé de redémarrer > clic sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de manière a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log

Tutoriaux

0
Réponse 9 / 65
Toggreb Messages postés 218 Statut Membre 2
 
le rapport malware...

Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1940
Windows 6.0.6001 Service Pack 1

05/04/2009 15:05:59
mbam-log-2009-04-05 (15-05-59).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 161300
Temps écoulé: 1 hour(s), 28 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{2F5E2DA4-B0D9-1715-429D-5B5DCE6535AF} (Rogue.Antivirus.Gold) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 10 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
très bien vide la quarantaine de malware, puis me faire ceci ensuite :

Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner

Télécharge Superantispyware (SAS)

Choisis "enregistrer" et enregistre-le sur ton bureau.

Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.

Créé une icône sur le bureau.

Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.

- Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
- Sous Configuration and Préférences, clique sur le bouton "Préférences"
- Clique sur l'onglet "Scanning Control "
- Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :

Close browsers before scanning (Fermer Navigateur avant le scan)

Scan for tracking cookies (Scan pour dépister les cookies)

Terminate memory threats before quarantining (Terminez les menaces de mémoire avant de mettre en quarantaine)

- Laisse les autres lignes décochées.

- Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.

- Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".

Dans la colonne de gauche, coche C:\Fixed Drive.

Dans la colonne de droite, sous "Complète scan", clique sur "Perform Complète Scan"

Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.

A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.

Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".

Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.

Pour recopier les informations sur le forum, fais ceci :

- après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
- Clique sur "Préférences" puis sur l'onglet "Statistics/Logs ".
- Dans "scanners logs", double-clique sur SuperAntiSpyware Scan Log.

- Le rapport va s'ouvrir dans ton éditeur de texte par défaut.

- Copie son contenu dans ta réponse.

Regarde bien le tuto SuperAntiSpyware il est très bien expliqué.

0
Réponse 11 / 65
Toggreb Messages postés 218 Statut Membre 2
 
4h de scan,plus de 300 000 fichiers scannés,et il continue.
Damned!J'éspère que c'est normal...
0
Réponse 12 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
oui ça peut être long.
0
Réponse 13 / 65
Toggreb Messages postés 218 Statut Membre 2
 
Au point où on en est,autant le laisser continuer.(5h,400 000 fichiers,34 risques détectés).
0
Réponse 14 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
ok on va attendre alors. A demain.
0
Réponse 15 / 65
Toggreb Messages postés 218 Statut Membre 2
 
Bigre!14 heurs de scan,1 200 000 fichiers
+
Unclassified.Unknown Origin: 1
Adware.Tracking Cooking: 105
Trojan.Agent/Gen-Burn4Free: 1

...et il continue!
0
Réponse 16 / 65
Toggreb Messages postés 218 Statut Membre 2
 
Je reve,il vient de finir.16h27 de scan,1 400 000 fichiers...
Je continue la procédure.
0
Réponse 17 / 65
Toggreb Messages postés 218 Statut Membre 2
 
Je post,donc,le rapport du scan.

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 04/06/2009 at 08:04 AM

Application Version : 4.26.1000

Core Rules Database Version : 3829
Trace Rules Database Version: 1785

Scan type : Complete Scan
Total Scan Time : 16:27:27

Memory items scanned : 628
Memory threats detected : 0
Registry items scanned : 6246
Registry threats detected : 1
File items scanned : 1391995
File threats detected : 106

Unclassified.Unknown Origin
HKU\S-1-5-21-2811648389-1416072487-2168136111-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A972081B-E5FE-45E4-BE29-856D23403C4F}

Adware.Tracking Cookie
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\All Users\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\All Users\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\All Users\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\ProgramData\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\ProgramData\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\ProgramData\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Application Data\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.doubleclick.net [ C:\Users\All Users\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.atdmt.com [ C:\Users\All Users\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\All Users\Mozilla\Firefox\Profiles\idny9qrl.default\cookies.txt ]

Trojan.Agent/Gen-Burn4Free
C:\TOOLBAR SD\BACKUP-TB\WINDOWS\SYSTEM32\B4FM.DLL
0
Réponse 18 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Tout ça effectivement, supprime tout ce que SAS à trouvé, ensuite fais moi ceci :

Télécharger RemoveIT Pro

Fais un scan et poste moi le full rapport log.

A la fin du 1er scan, s'il demande de faire un scan complet dite oui et à la fin du 2ème scan, si virus trouvé cliquez sur fix pour nettoyer des virus trouvés.
0
Réponse 19 / 65
Toggreb Messages postés 218 Statut Membre 2
 
On a un problème.Remove me trouve une infection.Me propose de l'enlever,mais manuellement seulement,ne le pouvant pas sinon.Il me propose de le faire en mode sans échec.Il ne m'a pas proposé de rapport non plus.
0
Réponse 20 / 65
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
tu n'as pas le nom de l'infection?
0