Aide analyse hijackthis
Fermé
dOta
-
18 mai 2006 à 13:05
Séb08 Messages postés 16502 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 - 19 mai 2006 à 13:37
Séb08 Messages postés 16502 Date d'inscription dimanche 13 novembre 2005 Statut Contributeur Dernière intervention 17 février 2023 - 19 mai 2006 à 13:37
A voir également:
- Aide analyse hijackthis
- Analyse disque dur - Télécharger - Informations & Diagnostic
- Hijackthis windows 10 - Télécharger - Antivirus & Antimalwares
- Analyse performance pc - Guide
- Analyse composant pc - Guide
- Analyse batterie pc - Guide
7 réponses
aranjuez31
Messages postés
8047
Date d'inscription
lundi 7 novembre 2005
Statut
Contributeur
Dernière intervention
9 juillet 2006
354
18 mai 2006 à 13:19
18 mai 2006 à 13:19
hello
tu télécharges n importe quoi !!
et sans p-feu en plus
=============
3/ - Ewido (download)- gratuit même après 14 jours d’essai
http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
Copie/COLLE le rapport généré sur ce forum
4/ - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
Télécharge ici :
https://www.ccleaner.com/ccleaner/download
Tutorial ici:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
6/ - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copie/COLLE le rapport entier
==========
suite à venir car gros boulot à faire sur ton hijack
tu télécharges n importe quoi !!
et sans p-feu en plus
=============
3/ - Ewido (download)- gratuit même après 14 jours d’essai
http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
Copie/COLLE le rapport généré sur ce forum
4/ - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
Télécharge ici :
https://www.ccleaner.com/ccleaner/download
Tutorial ici:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
6/ - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copie/COLLE le rapport entier
==========
suite à venir car gros boulot à faire sur ton hijack
aranjuez31
Messages postés
8047
Date d'inscription
lundi 7 novembre 2005
Statut
Contributeur
Dernière intervention
9 juillet 2006
354
18 mai 2006 à 13:20
18 mai 2006 à 13:20
re
(A)- Si tu n’ as pas de pare-feu, autre que le ‘joujou’ de Windows (à désactiver), je te conseille Kerio (gratuit même après les 30 jours d’ essai)
Tutorial et téléchargement ici :
https://www.vulgarisation-informatique.com/kerio.php
(B)- Règle d’ or à respecter : 1 seul pare-feu, 1 seul antivirus
(A)- Si tu n’ as pas de pare-feu, autre que le ‘joujou’ de Windows (à désactiver), je te conseille Kerio (gratuit même après les 30 jours d’ essai)
Tutorial et téléchargement ici :
https://www.vulgarisation-informatique.com/kerio.php
(B)- Règle d’ or à respecter : 1 seul pare-feu, 1 seul antivirus
aranjuez31
Messages postés
8047
Date d'inscription
lundi 7 novembre 2005
Statut
Contributeur
Dernière intervention
9 juillet 2006
354
18 mai 2006 à 13:24
18 mai 2006 à 13:24
re
ouvre ton hijack
coche et fixe lignes suivantes :
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {17BFC8DA-B4D6-4DB9-AA40-1CD32EDA9845} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {201D3DA8-B495-4A3B-BEE8-6D8DDCCC5762} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A1C392A2-B274-46DB-89BE-1FBD476B9C93} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E114CD5B-17CE-4807-890E-7B1EDF9F2E5E} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E19AB99F-AEC4-4B40-A5CA-F69D22522D77} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E24E8472-89B7-479F-8AD8-BBD7206A6A02} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - https://www.afternic.com/domains/downloadv3.com
+
O18 - Protocol: bw+0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
====
ce n est pas fini
je n ai pas encore attaqué les grosses merdes
ouvre ton hijack
coche et fixe lignes suivantes :
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {0DA910BC-6919-489E-B584-D9A4AAC7B8DE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {17BFC8DA-B4D6-4DB9-AA40-1CD32EDA9845} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {201D3DA8-B495-4A3B-BEE8-6D8DDCCC5762} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {624321F1-0581-49D8-99BD-2E952C2DF31B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1061_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A1C392A2-B274-46DB-89BE-1FBD476B9C93} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {E114CD5B-17CE-4807-890E-7B1EDF9F2E5E} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E19AB99F-AEC4-4B40-A5CA-F69D22522D77} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E24E8472-89B7-479F-8AD8-BBD7206A6A02} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {E7AE1661-EBEB-492B-AE0D-860DF24174C6} - https://www.afternic.com/domains/downloadv3.com
+
O18 - Protocol: bw+0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
====
ce n est pas fini
je n ai pas encore attaqué les grosses merdes
aranjuez31
Messages postés
8047
Date d'inscription
lundi 7 novembre 2005
Statut
Contributeur
Dernière intervention
9 juillet 2006
354
18 mai 2006 à 13:28
18 mai 2006 à 13:28
re
Télécharger ceci (merci a S!RI pour ce petit programme) :
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
L'exécuter, puis double-cliquer sur Smitfraudfix.cmd
Choisir l’option 1, il va générer un rapport
Copier-coller ce dernier dans un message sur le forum.
En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php
----------------------------------------------------------------------------
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du PC sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, redémarre en mode normal, copie-colle le rapport sauvegardé sur le forum.
=================
communique moi les 4 ou 5 rapports ddés
et remets moi un hijack
que je puisse continuer
Télécharger ceci (merci a S!RI pour ce petit programme) :
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
L'exécuter, puis double-cliquer sur Smitfraudfix.cmd
Choisir l’option 1, il va générer un rapport
Copier-coller ce dernier dans un message sur le forum.
En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php
----------------------------------------------------------------------------
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du PC sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, redémarre en mode normal, copie-colle le rapport sauvegardé sur le forum.
=================
communique moi les 4 ou 5 rapports ddés
et remets moi un hijack
que je puisse continuer
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
un seul mot OH MY GOD,les femme et les enfant d'abord.plus serieusement bonjour aranjuez,vcoila les rapport que tu ma demander ,j'espere avoir suivi les indication correctemment,merci d'avance.
ANALYSE EWIDO RESULTAT:
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 01:34:35, 19/05/2006
+ Somme de contrôle: 3AB10FB2
+ Résultats du scan:
HKLM\SOFTWARE\Classes\CLSID\{5345A7A1-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{5345A7A9-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5345A7A9-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5345A7A1-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : Nettoyer et sauvegarder
HKU\S-1-5-21-2298694051-428007868-3645771463-1003\Software\egdhtml -> Dialer.Generic : Nettoyer et sauvegarder
[1692] C:\DOCUME~1\PROPRI~1\APPLIC~1\UPLOAD~1\BAGS PLATFORM.exe -> Downloader.Swizzor.bo : Nettoyer et sauvegarder
:mozilla.27:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.41:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.42:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.43:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.49:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.56:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.35:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.36:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.37:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.38:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.39:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.40:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.45:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.46:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.47:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.48:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
C:\Program Files\RealVNC\VNC4\wm_hooks.dll -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4 : Nettoyer et sauvegarder
::Fin du rapport
ANALYSE SIRI RESULTAT(c vrai sympatique ce programme):
ANALYSE EWIDO RESULTAT:
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 01:34:35, 19/05/2006
+ Somme de contrôle: 3AB10FB2
+ Résultats du scan:
HKLM\SOFTWARE\Classes\CLSID\{5345A7A1-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\CLSID\{5345A7A9-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Classes\Interface\{06CA2DA3-3A44-4FC7-8FD9-246C0F53407C} -> Adware.CoolWebSearch : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5345A7A9-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5345A7A1-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Nettoyer et sauvegarder
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : Nettoyer et sauvegarder
HKU\S-1-5-21-2298694051-428007868-3645771463-1003\Software\egdhtml -> Dialer.Generic : Nettoyer et sauvegarder
[1692] C:\DOCUME~1\PROPRI~1\APPLIC~1\UPLOAD~1\BAGS PLATFORM.exe -> Downloader.Swizzor.bo : Nettoyer et sauvegarder
:mozilla.27:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
:mozilla.41:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.42:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.43:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Zedo : Nettoyer et sauvegarder
:mozilla.49:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.56:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\fgmp06dc.default\cookies.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.35:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.36:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.37:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.38:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.39:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
:mozilla.40:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
:mozilla.45:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.46:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
:mozilla.47:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
:mozilla.48:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\s1qaovdt.zad\cookies.txt -> TrackingCookie.Adtech : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@weborama[1].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Nettoyer et sauvegarder
C:\Program Files\RealVNC\VNC4\wm_hooks.dll -> Not-A-Virus.RemoteAdmin.Win32.WinVNC.4 : Nettoyer et sauvegarder
::Fin du rapport
ANALYSE SIRI RESULTAT(c vrai sympatique ce programme):
ANALYSE SIRI RESULTAT(c vrai sympatique ce programme):
SmitFraudFix v2.45
Rapport fait à 2:03:54,12, 19/05/2006
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
2EME ANALYSE(MODE SANS ECHECS)
SmitFraudFix v2.45
Rapport fait à 2:13:36,82, 19/05/2006
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Fin
ANALYSE HIDJACK APRES NETTOYAGE:
Logfile of HijackThis v1.99.1
Scan saved at 13:20:27, on 19/05/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\program files\steam\steam.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - (no file)
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {E98C0E88-ECAF-581C-604D-F76A6B73C6FB} - C:\DOCUME~1\PROPRI~1\APPLIC~1\UPLOAD~1\BAGS PLATFORM.exe (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Propriétaire\launcher.exe" -inv:bootrun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [lite ping] C:\DOCUME~1\PROPRI~1\APPLIC~1\HIDEFR~1\Axis third.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
voila bon courage j'espere qui y aura moins de bordel
PS:est-ce que je peut activer ewido et kerio en meme temps car j'ai l'impression que ezido et un pare feu aussi,merci.
SmitFraudFix v2.45
Rapport fait à 2:03:54,12, 19/05/2006
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Propri‚taire\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\PROPRI~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
2EME ANALYSE(MODE SANS ECHECS)
SmitFraudFix v2.45
Rapport fait à 2:13:36,82, 19/05/2006
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Fin
ANALYSE HIDJACK APRES NETTOYAGE:
Logfile of HijackThis v1.99.1
Scan saved at 13:20:27, on 19/05/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\program files\steam\steam.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {20929603-21DB-477C-BA6F-0B8E70B3C8A0} - (no file)
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: (no name) - {E98C0E88-ECAF-581C-604D-F76A6B73C6FB} - C:\DOCUME~1\PROPRI~1\APPLIC~1\UPLOAD~1\BAGS PLATFORM.exe (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Propriétaire\launcher.exe" -inv:bootrun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [lite ping] C:\DOCUME~1\PROPRI~1\APPLIC~1\HIDEFR~1\Axis third.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {4A5812EA-10A7-40D5-9353-6BF027005C3B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
voila bon courage j'espere qui y aura moins de bordel
PS:est-ce que je peut activer ewido et kerio en meme temps car j'ai l'impression que ezido et un pare feu aussi,merci.
Séb08
Messages postés
16502
Date d'inscription
dimanche 13 novembre 2005
Statut
Contributeur
Dernière intervention
17 février 2023
1 429
19 mai 2006 à 13:37
19 mai 2006 à 13:37
Slt dOta,
Fais attention à ce que tu fais ... :)
Tu as recréé un thread avec les derniers rapports cités au dessus.
Le nouveau post va être supprimer.
Merci
Fais attention à ce que tu fais ... :)
Tu as recréé un thread avec les derniers rapports cités au dessus.
Le nouveau post va être supprimer.
Merci
