My PC is still infected after formatting

nico
Hello everyone,
I formatted my hard drive less than a month ago because Avast kept telling me it was infected. I reinstalled everything, and after reinstalling Avast, it tells me there are still viruses on my PC. I ignored them until now because they didn't really bother me, but 2 days ago I was hit by a real avalanche of viruses, trojans and the like, and I would like to know how to get rid of them manually once and for all (since apparently formatting isn't enough) and also how to effectively protect my future setup.
Please reply as soon as possible, I can't take it anymore...

12 replies

Séb08
 
Hi,

To check, scan your PC with this online antivirus (in IE, and accept the ActiveX control):
http://www.bitdefender.fr/bd/site/search.php#
Click "scan on line" and follow the instructions.

Then paste the report.

Next:

Download HijackThis (French version) here:
http://telechargement.zebulon.fr/160-Patch-fran%C3%A7ais-pour-HijackThis.html

Unzip it into a folder created for that purpose.

For example C:\hijackthis < Make sure you save it on C: !

Demo (thanks to Balltrap):
Installing HijackThis
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Run it, then:
click "Do a system scan and save a logfile" ("faire un scan et sauvegarder le log" in the French version) (see the demo)
copy and paste the entire log to the forum

Demo: (thanks to balltrap34 for making it)
http://pageperso.aol.fr/balltrap34/demohijack.htm

We'll see what we can do.

See you

nico
 
I can't export the BitDefender scan report without crashing my PC. I'm trying again to see...
Would it be OK if I copied and pasted the list of infected files on my hard drive directly?
Otherwise, does it work to run only HijackThis?
Thanks in advance...
nico
 
Here is the BitDefender report, I finally managed to save it

nico
 
And here is my HijackThis report:


I ran it after restarting my PC (crash). I don't know if that makes any difference, but I'd rather mention it...

I hope you'll be able to help me because I can't take it anymore...
Séb08
 
Download and install this program, and scan your PC with:

ewido (free even after the trial period)
Download:
http://perso.orange.fr/entraide-hijackthis/Ewido/
Click "update" and install the updates, then click "scanner" and then "complete scan system".
Tutorial for version 4 of Ewido:
https://www.malekal.com/tutorial-et-guide-ewido-v4/

"Delete" everything it finds and paste the report, please.

See you
nicoooooooo
 
Here is my ewido report, thanks in advance...
Normally, all the quarantined files have been deleted.

:mozilla.310:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.311:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.284:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.285:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.286:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.32:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.33:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.34:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.35:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.60:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.318:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
:mozilla.477:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.479:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.480:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned.
:mozilla.306:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.31:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.16:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.17:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.18:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.20:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.22:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.23:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.24:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.25:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.26:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.27:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.28:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.271:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.272:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.273:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.274:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.275:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.100:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.101:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.102:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.103:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.104:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.105:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.106:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.107:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.108:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.109:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.110:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.111:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.112:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.113:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.114:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.115:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.116:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.117:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.118:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.119:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.120:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.121:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.122:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.123:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.124:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.125:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.126:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.127:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.128:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.79:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.80:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.81:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.82:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.83:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.84:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.85:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.86:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.87:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.88:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.89:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.90:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.91:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.92:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.93:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.94:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.95:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.96:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.97:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.98:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.99:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.130:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.131:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.132:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.133:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.134:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.135:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.136:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.137:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.138:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.139:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.140:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.141:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.144:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.71:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.72:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.73:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.359:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.183:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.184:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.185:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.251:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.259:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.276:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.277:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.278:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.400:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.360:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.361:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.10:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.11:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.12:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.13:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.6:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.7:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.8:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.9:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jyaucs4d.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Administrateur\Cookies\administrateur@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end
0
^^Marie^^ Posts 126523 Registration date   Status Member Last post   3 279
 
Hi,

To move things along for Séb

Let's lighten the load for Ewido


Do the following


CleanUp40
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Usage demo:
http://pageperso.aol.fr/balltrap34/democleanup.htm

Run Ewido again and paste the report ==> you'll see the difference

Then

Download the latest version, please

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Download this (thanks to S!RI for this program):
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Run it: double-click Smitfraudfix.cmd and choose option 1; it will generate a report.
Copy/paste it into your post, please.
----------------------------------------------------------------------------
Boot into safe mode:
To do this, tap the F8 key repeatedly, without stopping, as soon as the PC starts powering on.
A window will open; use the keyboard arrow keys to move to the safe mode boot entry, then press Enter.
Once you are on the desktop, if not all the colors and so on are there, that's normal!
(If F8 doesn't work, use the F5 key.)
----------------------------------------------------------------------------
Run the Smitfraud program again,
this time choose option 2 and answer yes to everything;
Save the report, restart in normal mode, and copy/paste the saved report on the forum

========================================
Run HijackThis again

See you
0
nicoooooooo Posts 5 Status Member
 
Here's the first step:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 14:27:48 17/09/2006

+ Scan result:

C:\WINDOWS\system32\vvscript.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
[1648] C:\WINDOWS\system32\nmdsapi.dll -> Adware.Look2Me : Error during cleaning.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\C96R89Q7\drsmartload1022a[1].exe -> Downloader.Adload.ds : Cleaned with backup (quarantined).
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\2RGNCVWF\loader[1].exe -> Downloader.Adload.fg : Cleaned with backup (quarantined).
C:\Program Files\Network Monitor\__delete_on_reboot__n_e_t_m_o_n_._e_x_e_ -> Not-A-Virus.Monitor.Win32.NetMon.a : Ignored.
C:\Documents and Settings\Administrateur\Cookies\administrateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.

::Report end
0
nicoooooooo Posts 5 Status Member
 
Step 2:

SmitFraudFix v2.90

Rapport fait à 14:31:28,98, 17/09/2006
Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\

C:\drsmartload?.exe PRESENT !
C:\drsmartload??.exe PRESENT !
C:\drsmartload???.exe PRESENT !
C:\drsmartload????.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\drsmartload2.dat PRESENT !
C:\WINDOWS\keyboard1.dat PRESENT !
C:\WINDOWS\newname.dat PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="repairs303169590.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
nicoooooooo Posts 5 Status Member
 
Step 3:

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\drsmartload?.exe supprimé
C:\WINDOWS\drsmartload2.dat supprimé
C:\WINDOWS\keyboard1.dat supprimé
C:\WINDOWS\newname.dat supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
nicoooooooo Posts 5 Status Member
 
And the last step, HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 14:45:52, on 17/09/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lsyss.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
c:\doc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mad.exe
C:\WINDOWS\System32\HPZipm12.exe
c:\Program Files\Numericable\Mon Assistant Internet\bin\mpbtn.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer par NUMERICABLE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing)
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NUMERI~1\MONASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows-Update] wuamgrd.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunServices: [Windows-Update] wuamgrd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Mon Assistant Internet.lnk = C:\Program Files\Numericable\Mon Assistant Internet\bin\matcli.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\e8jmli1118.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Tmlra28\command.exe (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Reader Machine - Unknown owner - C:\WINDOWS\system32\ssmc.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Windows Reg Service - Unknown owner - C:\WINDOWS\system32\lsyss.exe
0
Séb08 Posts 18169 Registration date   Status Contributor Last activity   1 430
 
Download Look2Me-Destroyer.exe to your Desktop.
http://www.atribune.org/ccount/click.php?id=7

* Close all open windows before moving on to the next step.
* Double-click Look2Me-Destroyer.exe to launch the tool.
* Check Run this program as a task
* A message will appear telling you: "Look2Me-Destroyer will close and re-open in approximately 10 seconds". Click OK
* It will relaunch after the 10 seconds; then click the Scan for L2M button. Your Desktop icons will disappear: this is normal.
* When the scan finishes, click the Remove L2M button
* A Done Scanning message will appear; click OK.
* A new message will appear: Done removing infected files! Look2Me-Destroyer will now shutdown your computer; click OK.
* Your PC will now shut down.
* Start your PC normally.
* Paste the generated report, located here: C:\Look2Me-Destroyer.txt , along with a new HijackThis report in your next reply.

#If Look2Me-Destroyer does not relaunch automatically after the 10 seconds, restart and try again.

##If you get a message from your firewall that the tool is trying to access the internet: allow it.

###If a runtime error '339' message appears: download MSWINSCK.OCX from the link below and place it in the C:\Windows\System32 folder.
http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX

See you later
0
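The reply above asks for a new HijackThis report after the Look2Me-Destroyer run. As an added example that is not part of the original posts, this sketch compares a report taken before the cleanup with one taken after it and lists which entries disappeared and which O20 entries (AppInit_DLLs, Winlogon Notify) are still registered. The function names and the O20 watch list are assumptions made for illustration; the "before" lines are copied from the log posted above and the "after" log is constructed.

```python
import re

# A HijackThis entry line has the shape "<code> - <detail>", e.g. "O20 - AppInit_DLLs: x.dll".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

def parse_log(text):
    """Return the set of (code, detail) entries; header and blank lines are skipped."""
    entries = set()
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.add((m.group(1), m.group(2).strip()))
    return entries

def compare(before, after, watch=("O20",)):
    """Diff two reports; 'watch' (an assumption) names the sections to re-check."""
    old, new = parse_log(before), parse_log(after)
    return {
        "removed": sorted(old - new),        # gone after the cleanup
        "added": sorted(new - old),          # appeared since the first report
        "still_present": sorted(e for e in old & new if e[0] in watch),
    }

# Lines copied from the report posted above.
BEFORE = r"""
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\e8jmli1118.dll
O23 - Service: Windows Reg Service - Unknown owner - C:\WINDOWS\system32\lsyss.exe
"""

# Constructed "after" report: one Winlogon Notify entry is gone, the rest remain.
AFTER = r"""
Logfile of HijackThis (constructed sample)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O20 - AppInit_DLLs: repairs303169590.dll
O23 - Service: Windows Reg Service - Unknown owner - C:\WINDOWS\system32\lsyss.exe
"""

if __name__ == "__main__":
    for section, items in compare(BEFORE, AFTER).items():
        print(section)
        for code, detail in items:
            print(f"  {code} - {detail}")
```

An entry listed under still_present means the cleanup did not unregister it, so it is the first thing to raise in the next reply.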