(ereur fatal) message a l ouverture de lordi
Toni
-
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Regis59 Messages postés 21143 Date d'inscription Statut Contributeur sécurité Dernière intervention -
besoin d aide urgent il y a plusiueurs virus dans mon ordi je ne sais plus comment m en debarasser , j ai tous essyer, merci a l avance de votre aide et mon log anti spywar est cela =========================================================================
This file was created by SpyAway on 05.23.07 06:07:34
http://spyaway2007.com/
=========================================================================
PRODUCT VERSION:
1.1.8
DATABASE VERSION:
1.0.1.2
SCAN MODE:
Full Scan
*******************************
INFECTED:
40
=========================================
- DETAILED REPORT.
=========================================
*******************************
INFECTED PROCCESS:
0
*******************************
- NOT FOUND -
*******************************
INFECTED REGISTRY ENTRIES:
11
*******************************
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352} - 2nd Thought
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489} - 2nd Thought
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30000273-8230-4dd4-be4f-6889d1e74167} - A Better Internet
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31} - 2020Search
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b} - 180Solutions
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966} - 2nd Thought
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e} - 7FaSSt Search
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1} - 180Solutions
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - 7FaSSt Search
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b} - 4Arcade PBar
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274} - 180Solutions
*******************************
INFECTED FILES:
29
*******************************
c:\windows\system32\fuamfu32.ini - Trojan.ADHammer
c:\windows\system32\gtv_sd.bin - Trojan.ADHammer
c:\windows\system32\lfd32.ini - Trojan.ADHammer
c:\windows\system32\msdn_lib.dll - Trojan.ADHammer
c:\windows\system32\msixu.dll - 180Solutions
c:\windows\system32\vxddsk.exe - Abebot
c:\windows\system32\wer8274.dll - 180Solutions
c:\windows\system32\wml.exe - Abebot
c:\windows\180ax.exe - 180Solutions
c:\windows\764.exe - 764 Dialer
c:\windows\7search.dll - 7FaSSt Search
c:\windows\bjam.dll - 2020Search
c:\windows\bokja.exe - 2nd Thought
c:\windows\cdsm32.dll - 2nd Thought
c:\windows\default.htm - Trojan.ADHammer
c:\windows\didduid.ini - 180Solutions
c:\windows\flt.dll - 7FaSSt Search
c:\windows\mspphe.dll - 2020Search
c:\windows\pbar.dll - 4Arcade PBar
c:\windows\saiemod.dll - 180Solutions
c:\windows\salm.exe - 180Solutions
c:\windows\satmat.exe - A Better Internet
c:\windows\stcloader.exe - 2nd Thought
c:\windows\susp.exe - A Better Internet
c:\windows\swin32.dll - 2nd Thought
c:\windows\updatetc.exe - 180Solutions
c:\windows\voiceip.dll - 2nd Thought
c:\windows\vxddsk.exe - Abebot
c:\windows\wml.exe - Abebot
*******************************
INFECTED COOKIES:
0
*******************************
- NOT FOUND -
*******************************
INFECTED FAVORITES:
0
*******************************
- NOT FOUND -
=========================================
- END OF FILE.
This file was created by SpyAway on 05.23.07 06:07:34
http://spyaway2007.com/
=========================================================================
PRODUCT VERSION:
1.1.8
DATABASE VERSION:
1.0.1.2
SCAN MODE:
Full Scan
*******************************
INFECTED:
40
=========================================
- DETAILED REPORT.
=========================================
*******************************
INFECTED PROCCESS:
0
*******************************
- NOT FOUND -
*******************************
INFECTED REGISTRY ENTRIES:
11
*******************************
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352} - 2nd Thought
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489} - 2nd Thought
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30000273-8230-4dd4-be4f-6889d1e74167} - A Better Internet
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31} - 2020Search
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b} - 180Solutions
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966} - 2nd Thought
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e} - 7FaSSt Search
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1} - 180Solutions
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - 7FaSSt Search
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b} - 4Arcade PBar
HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274} - 180Solutions
*******************************
INFECTED FILES:
29
*******************************
c:\windows\system32\fuamfu32.ini - Trojan.ADHammer
c:\windows\system32\gtv_sd.bin - Trojan.ADHammer
c:\windows\system32\lfd32.ini - Trojan.ADHammer
c:\windows\system32\msdn_lib.dll - Trojan.ADHammer
c:\windows\system32\msixu.dll - 180Solutions
c:\windows\system32\vxddsk.exe - Abebot
c:\windows\system32\wer8274.dll - 180Solutions
c:\windows\system32\wml.exe - Abebot
c:\windows\180ax.exe - 180Solutions
c:\windows\764.exe - 764 Dialer
c:\windows\7search.dll - 7FaSSt Search
c:\windows\bjam.dll - 2020Search
c:\windows\bokja.exe - 2nd Thought
c:\windows\cdsm32.dll - 2nd Thought
c:\windows\default.htm - Trojan.ADHammer
c:\windows\didduid.ini - 180Solutions
c:\windows\flt.dll - 7FaSSt Search
c:\windows\mspphe.dll - 2020Search
c:\windows\pbar.dll - 4Arcade PBar
c:\windows\saiemod.dll - 180Solutions
c:\windows\salm.exe - 180Solutions
c:\windows\satmat.exe - A Better Internet
c:\windows\stcloader.exe - 2nd Thought
c:\windows\susp.exe - A Better Internet
c:\windows\swin32.dll - 2nd Thought
c:\windows\updatetc.exe - 180Solutions
c:\windows\voiceip.dll - 2nd Thought
c:\windows\vxddsk.exe - Abebot
c:\windows\wml.exe - Abebot
*******************************
INFECTED COOKIES:
0
*******************************
- NOT FOUND -
*******************************
INFECTED FAVORITES:
0
*******************************
- NOT FOUND -
=========================================
- END OF FILE.
A voir également:
- (ereur fatal) message a l ouverture de lordi
- Recuperer message whatsapp supprimé - Guide
- Message absence thunderbird - Guide
- Epingler un message whatsapp - Accueil - Messagerie instantanée
- Voir message supprimé whatsapp - Guide
- Page d'ouverture google - Guide
6 réponses
Bienvenue sur le forum d’entraide de CommentCaMarche.net
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
Nous connaissons votre situation et nous vous conseillons de ne surtout pas vous inquiéter.
De plus, au vu du nombre croissant de désinfections effectuées sur le forum, nous vous demandons un peu de patience et surtout de ne pas créer plusieurs postes pour le même problème.
Merci de votre compréhension.
Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
voila mon log de hijack this
par contre j'ai deja reussi a enlever certains trojans et autres spywares mais il en reste quelqu'uns comme trojan.ADHammer et abebot
Logfile of HijackThis v1.99.1
Scan saved at 17:01:02, on 15/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\SPYWAREfighter\spftray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\Mes documents\emule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: msdn_lib.msdn_hlp - {38847C4B-1AB1-4A47-9026-9A6CF7B43D31} - C:\WINDOWS\system32\msdn_lib.dll
O2 - BHO: sa_ie_monitor.ie_monitor - {4F65D192-327B-41D6-B082-0D2A104D9B73} - C:\Program Files\SpyAway\sa_ie_monitor.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKLM\..\Run: [SpyAway] C:\Program Files\SpyAway\SpyAway.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?843fec450cdc4f9e9f14e75acc02a17c
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?843fec450cdc4f9e9f14e75acc02a17c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
par contre j'ai deja reussi a enlever certains trojans et autres spywares mais il en reste quelqu'uns comme trojan.ADHammer et abebot
Logfile of HijackThis v1.99.1
Scan saved at 17:01:02, on 15/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\SPYWAREfighter\spftray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
D:\Mes documents\emule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.camfrog.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.camfrog.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: msdn_lib.msdn_hlp - {38847C4B-1AB1-4A47-9026-9A6CF7B43D31} - C:\WINDOWS\system32\msdn_lib.dll
O2 - BHO: sa_ie_monitor.ie_monitor - {4F65D192-327B-41D6-B082-0D2A104D9B73} - C:\Program Files\SpyAway\sa_ie_monitor.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKLM\..\Run: [SpyAway] C:\Program Files\SpyAway\SpyAway.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: CamTrack.lnk = C:\Program Files\DigitalPeers\CamTrack\camtrack.exe
O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?843fec450cdc4f9e9f14e75acc02a17c
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?843fec450cdc4f9e9f14e75acc02a17c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/2.0.1.14/cfweb_activex.camfrogweb.com-advanced-2.0.1.14_instmodule.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Salut
Tu as le rapport avec les détections?
A+
Tu as le rapport avec les détections?
A+
c bon jai retrouvé le log de detection , le voila
This file was created by SpyAway on 06.16.07 20:22:56
http://spyaway2007.com/
=========================================================================
PRODUCT VERSION:
1.1.9
DATABASE VERSION:
1.0.1.2
SCAN MODE:
Quick Scan
*******************************
INFECTED:
33
=========================================
- DETAILED REPORT.
=========================================
*******************************
INFECTED PROCCESS:
0
*******************************
- NOT FOUND -
*******************************
INFECTED REGISTRY ENTRIES:
0
*******************************
- NOT FOUND -
*******************************
INFECTED FILES:
33
*******************************
c:\windows\saiemod.dll - 180Solutions
c:\windows\didduid.ini - 180Solutions
c:\windows\updatetc.exe - 180Solutions
c:\windows\salm.exe - 180Solutions
c:\windows\180ax.exe - 180Solutions
c:\windows\system32\wer8274.dll - 180Solutions
c:\windows\system32\msixu.dll - 180Solutions
c:\windows\bjam.dll - 2020Search
c:\windows\mspphe.dll - 2020Search
c:\windows\mssvr.exe - 2020Search
c:\windows\bokja.exe - 2nd Thought
c:\windows\cdsm32.dll - 2nd Thought
c:\windows\swin32.dll - 2nd Thought
c:\windows\voiceip.dll - 2nd Thought
c:\windows\stcloader.exe - 2nd Thought
c:\windows\pbar.dll - 4Arcade PBar
c:\windows\764.exe - 764 Dialer
c:\windows\flt.dll - 7FaSSt Search
c:\windows\7search.dll - 7FaSSt Search
c:\windows\satmat.exe - A Better Internet
c:\windows\susp.exe - A Better Internet
c:\windows\wml.exe - Abebot
c:\windows\system32\wml.exe - Abebot
c:\windows\system32\vxddsk.exe - Abebot
c:\windows\vxddsk.exe - Abebot
c:\windows\system32\actbar2.ocx - CustomToolbar
c:\windows\system32\gtv_sd.bin - Trojan.ADHammer
c:\windows\system32\lfd32.ini - Trojan.ADHammer
c:\windows\default.htm - Trojan.ADHammer
c:\windows\system32\fuamfu32.ini - Trojan.ADHammer
c:\windows\system32\msdn_lib.dll - Trojan.ADHammer
c:\windows\system32\msorcl32.exe - Trojan.ADHammer
c:\windows\system32\wmvds32.dll - Trojan.ADHammer
*******************************
INFECTED COOKIES:
0
*******************************
- NOT FOUND -
*******************************
INFECTED FAVORITES:
0
*******************************
- NOT FOUND -
=========================================
- END OF FILE.
This file was created by SpyAway on 06.16.07 20:22:56
http://spyaway2007.com/
=========================================================================
PRODUCT VERSION:
1.1.9
DATABASE VERSION:
1.0.1.2
SCAN MODE:
Quick Scan
*******************************
INFECTED:
33
=========================================
- DETAILED REPORT.
=========================================
*******************************
INFECTED PROCCESS:
0
*******************************
- NOT FOUND -
*******************************
INFECTED REGISTRY ENTRIES:
0
*******************************
- NOT FOUND -
*******************************
INFECTED FILES:
33
*******************************
c:\windows\saiemod.dll - 180Solutions
c:\windows\didduid.ini - 180Solutions
c:\windows\updatetc.exe - 180Solutions
c:\windows\salm.exe - 180Solutions
c:\windows\180ax.exe - 180Solutions
c:\windows\system32\wer8274.dll - 180Solutions
c:\windows\system32\msixu.dll - 180Solutions
c:\windows\bjam.dll - 2020Search
c:\windows\mspphe.dll - 2020Search
c:\windows\mssvr.exe - 2020Search
c:\windows\bokja.exe - 2nd Thought
c:\windows\cdsm32.dll - 2nd Thought
c:\windows\swin32.dll - 2nd Thought
c:\windows\voiceip.dll - 2nd Thought
c:\windows\stcloader.exe - 2nd Thought
c:\windows\pbar.dll - 4Arcade PBar
c:\windows\764.exe - 764 Dialer
c:\windows\flt.dll - 7FaSSt Search
c:\windows\7search.dll - 7FaSSt Search
c:\windows\satmat.exe - A Better Internet
c:\windows\susp.exe - A Better Internet
c:\windows\wml.exe - Abebot
c:\windows\system32\wml.exe - Abebot
c:\windows\system32\vxddsk.exe - Abebot
c:\windows\vxddsk.exe - Abebot
c:\windows\system32\actbar2.ocx - CustomToolbar
c:\windows\system32\gtv_sd.bin - Trojan.ADHammer
c:\windows\system32\lfd32.ini - Trojan.ADHammer
c:\windows\default.htm - Trojan.ADHammer
c:\windows\system32\fuamfu32.ini - Trojan.ADHammer
c:\windows\system32\msdn_lib.dll - Trojan.ADHammer
c:\windows\system32\msorcl32.exe - Trojan.ADHammer
c:\windows\system32\wmvds32.dll - Trojan.ADHammer
*******************************
INFECTED COOKIES:
0
*******************************
- NOT FOUND -
*******************************
INFECTED FAVORITES:
0
*******************************
- NOT FOUND -
=========================================
- END OF FILE.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question