8 replies
Anonymous user
25 March 2008 at 08:05
Download SmitFraudFix to your desktop, boot into safe mode (usually by pressing F8 or F10, depending on the computer), and launch the program by clicking on smitfraudfix.
SmitFraudFix
If you have Spybot and Ad-Aware 2007, you can also run a cleanup.
Hi again,
No, Spybot doesn't detect anything, only cookies that keep coming back every day.
I noticed that all the links in my favorites had disappeared, and I can no longer add anything to my favorites.
So I'm going with SmitFraudFix in safe mode; I imagine I have to disable System Restore during the scan. I had problems with my old PC, where SmitFraudFix could only scan in normal mode and not in safe mode; let's hope I'll be able to scan in safe mode. So I'm following your advice to the letter: I'm going with SmitFraudFix and I'll post the log along with a new HijackThis log.
Back in a moment
Vehement
Here are the requested logs
SmitFraudFix v2.200
Rapport fait à 3:29:59,12, 2008-03-25
Executé à partir de C:\Documents and Settings\Propri‚taire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{1887CDD9-FD05-43D4-B4B3-37F5C7781591}: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1887CDD9-FD05-43D4-B4B3-37F5C7781591}: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS2\Services\Tcpip\..\{1887CDD9-FD05-43D4-B4B3-37F5C7781591}: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=142.169.1.16 199.84.242.22
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
HijackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:38:04, on 2008-03-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\ManifestEngine.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.1.17.0\GoogleUpdate.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] :C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -i
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.1.17.0\GoogleUpdate.exe" /lang en
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: YouTube Uploader.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.msnjeux.com/online2/MSN_INTL_FRANCE/insaniquarium/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/bejeweled2/Oberongamesloader.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/fr/check/qdiagh.cab?326
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Unknown owner - (no file)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Now yes, I did 1, then 2, then 3, and I redid 2 to get the log again.
SmitFraudFix v2.200
Rapport fait à 4:07:05,03, 2008-03-25
Executé à partir de C:\Documents and Settings\Propriétaire\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{1887CDD9-FD05-43D4-B4B3-37F5C7781591}: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS1\Services\Tcpip\..\{1887CDD9-FD05-43D4-B4B3-37F5C7781591}: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS2\Services\Tcpip\..\{1887CDD9-FD05-43D4-B4B3-37F5C7781591}: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=142.169.1.16 199.84.242.22
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=142.169.1.16 199.84.242.22
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
HijackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:13:08, on 2008-03-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.1.17.0\GoogleUpdate.exe
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr-ca\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] :C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -i
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.1.17.0\GoogleUpdate.exe" /lang en
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: YouTube Uploader.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - https://www.f-secure.com/en/home/support
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.msnjeux.com/online2/MSN_INTL_FRANCE/insaniquarium/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/bejeweled2/Oberongamesloader.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/fr/check/qdiagh.cab?326
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Unknown owner - (no file)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Here is a Spybot resident log that may help in understanding the intrusions on my computer.
Sorry for the delay. About 75% of the time I still get error pages when I open a web page. As for the favorites, that sorted itself out after the reboot; everything is back to normal.
And I have an off-topic question: is there a program or something else for blocking a computer's ports, other than a router?
((info HTTP: Connexion réussie à www.microsoft.com.
warn FTP (passif): Erreur 12029 lors de la connexion à ftp.microsoft.com : A connection with the server could not be established
info HTTPS: Connexion réussie à www.microsoft.com.
warn FTP (actif): Erreur 12029 lors de la connexion à ftp.microsoft.com : A connection with the server could not be established
error Impossible d'établir une connexion FTP.
info Redirection de l'utilisateur vers l'appel d'aide ))
((warn FTP (passif): Erreur 12029 lors de la connexion à ftp.microsoft.com : A connection with the server could not be established
warn FTP (actif): Erreur 12029 lors de la connexion à ftp.microsoft.com : A connection with the server could not be established
warn HTTPS: Erreur 12029 lors de la connexion à www.passport.net : A connection with the server could not be established
warn HTTPS: Erreur 12002 lors de la connexion à www.microsoft.com : The operation timed out
info HTTP: Connexion réussie à www.microsoft.com.
error Impossible d'établir une connexion HTTPS.
error Impossible d'établir une connexion FTP. ))
Here is the log:
2008-02-14 18:44:04 Autorisé(e) (based on user decision) value "QuickTime Task" (new data: "") supprimé(e) in System Startup global entry!
2008-02-29 17:11:40 Refusé(e) (based on user decision) value "Workflow" (new data: "E:\Install\Workflow.exe") ajouté(e) in System Startup global entry!
2008-02-29 17:15:32 Autorisé(e) (based on user decision) value "Start Page" (new data: "http://www.globetrotter.net") modifié(e) in Browser page!
2008-02-29 17:27:01 Autorisé(e) (based on user decision) value "*Restore" (new data: "C:\WINDOWS\system32\restore\rstrui.exe -i") ajouté(e) in System Startup global entry!
2008-03-14 16:58:15 Refusé(e) (based on user decision) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-15 01:20:09 Refusé(e) (based on user decision) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-15 01:29:37 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-15 17:38:31 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-17 13:19:45 Autorisé(e) (based on user decision) value "{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-18 03:48:36 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 10:56:28 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:41:51 Autorisé(e) (based on user decision) value "updateMgr" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:41:52 Autorisé(e) (based on user decision) value "swg" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:41:53 Autorisé(e) (based on user decision) value "OE" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:41:53 Autorisé(e) (based on user decision) value "NVIEW" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:41:54 Autorisé(e) (based on user decision) value "LogitechSoftwareUpdate" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:41:54 Autorisé(e) (based on user decision) value "LDM" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:41:55 Autorisé(e) (based on user decision) value "Yahoo! Pager" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:41:55 Autorisé(e) (based on user decision) value "UpdateManager" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:41:56 Autorisé(e) (based on user decision) value "UfSeAgnt.exe" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:41:57 Autorisé(e) (based on user decision) value "SpywareTerminator" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:41:57 Autorisé(e) (based on user decision) value "Recguard" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:41:58 Autorisé(e) (based on user decision) value "NeroFilterCheck" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:41:59 Autorisé(e) (based on user decision) value "KBD" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:42:00 Autorisé(e) (based on user decision) value "AlcxMonitor" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:42:00 Autorisé(e) (based on user decision) value "avast!" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:42:01 Autorisé(e) (based on user decision) value "LVCOMSX" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:42:02 Autorisé(e) (based on user decision) value "LogitechVideoRepair" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:42:02 Autorisé(e) (based on user decision) value "LogitechVideoTray" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:42:14 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-18 11:46:41 Autorisé(e) (based on user decision) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:46:41 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:52:20 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:53:48 Autorisé(e) (based on user decision) value "ctfmon.exe" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:53:49 Autorisé(e) (based on user decision) value "SpybotSD TeaTimer" (new data: "") supprimé(e) in System Startup user entry!
2008-03-18 11:53:50 Autorisé(e) (based on user decision) value "ZoneAlarm Client" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:53:52 Autorisé(e) (based on user decision) value "SunJavaUpdateSched" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:53:55 Autorisé(e) (based on user decision) value "igfxtray" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:53:55 Autorisé(e) (based on user decision) value "igfxpers" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:53:56 Autorisé(e) (based on user decision) value "igfxhkcmd" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:53:56 Autorisé(e) (based on user decision) value "hpsysdrv" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 11:54:09 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-18 12:13:25 Autorisé(e) (based on user decision) value "ctfmon.exe" (new data: "C:\WINDOWS\system32\ctfmon.exe") ajouté(e) in System Startup user entry!
2008-03-18 12:13:28 Autorisé(e) (based on user decision) value "updateMgr" (new data: "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9") ajouté(e) in System Startup user entry!
2008-03-18 12:13:29 Autorisé(e) (based on user decision) value "SpybotSD TeaTimer" (new data: "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe") ajouté(e) in System Startup user entry!
2008-03-18 12:13:31 Autorisé(e) (based on user decision) value "Yahoo! Pager" (new data: ""C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet") ajouté(e) in System Startup user entry!
2008-03-18 12:13:31 Autorisé(e) (based on user decision) value "swg" (new data: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe") ajouté(e) in System Startup user entry!
2008-03-18 12:13:31 Autorisé(e) (based on user decision) value "OE" (new data: ""C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"") ajouté(e) in System Startup user entry!
2008-03-18 12:13:33 Autorisé(e) (based on user decision) value "NVIEW" (new data: "rundll32.exe nview.dll,nViewLoadHook") ajouté(e) in System Startup user entry!
2008-03-18 12:13:33 Autorisé(e) (based on user decision) value "LogitechSoftwareUpdate" (new data: ""C:\Program Files\Logitech\Video\ManifestEngine.exe" boot") ajouté(e) in System Startup user entry!
2008-03-18 12:13:34 Autorisé(e) (based on user decision) value "LDM" (new data: "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe") ajouté(e) in System Startup user entry!
2008-03-18 12:13:34 Autorisé(e) (based on user decision) value "ZoneAlarm Client" (new data: ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"") ajouté(e) in System Startup global entry!
2008-03-18 12:13:38 Autorisé(e) (based on user decision) value "Recguard" (new data: "C:\WINDOWS\SMINST\RECGUARD.EXE") ajouté(e) in System Startup global entry!
2008-03-18 12:13:40 Autorisé(e) (based on user decision) value "LVCOMSX" (new data: "C:\WINDOWS\system32\LVCOMSX.EXE") ajouté(e) in System Startup global entry!
2008-03-18 12:13:40 Autorisé(e) (based on user decision) value "igfxtray" (new data: "C:\WINDOWS\system32\igfxtray.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:41 Autorisé(e) (based on user decision) value "igfxpers" (new data: "C:\WINDOWS\system32\igfxpers.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:42 Autorisé(e) (based on user decision) value "igfxhkcmd" (new data: "C:\WINDOWS\system32\hkcmd.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:42 Autorisé(e) (based on user decision) value "hpsysdrv" (new data: "c:\windows\system\hpsysdrv.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:43 Autorisé(e) (based on user decision) value "avast!" (new data: "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:43 Autorisé(e) (based on user decision) value "UpdateManager" (new data: ""C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r") ajouté(e) in System Startup global entry!
2008-03-18 12:13:44 Autorisé(e) (based on user decision) value "UfSeAgnt.exe" (new data: ""C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"") ajouté(e) in System Startup global entry!
2008-03-18 12:13:45 Autorisé(e) (based on user decision) value "SunJavaUpdateSched" (new data: ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"") ajouté(e) in System Startup global entry!
2008-03-18 12:13:45 Autorisé(e) (based on user decision) value "SpywareTerminator" (new data: ""C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"") ajouté(e) in System Startup global entry!
2008-03-18 12:13:46 Autorisé(e) (based on user decision) value "NeroFilterCheck" (new data: "C:\WINDOWS\system32\NeroCheck.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:46 Autorisé(e) (based on user decision) value "LogitechVideoTray" (new data: "C:\Program Files\Logitech\Video\LogiTray.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:47 Autorisé(e) (based on user decision) value "LogitechVideoRepair" (new data: "C:\Program Files\Logitech\Video\ISStart.exe") ajouté(e) in System Startup global entry!
2008-03-18 12:13:48 Autorisé(e) (based on user decision) value "KBD" (new data: "C:\HP\KBD\KBD.EXE") ajouté(e) in System Startup global entry!
2008-03-18 12:13:48 Autorisé(e) (based on user decision) value "AlcxMonitor" (new data: "ALCXMNTR.EXE") ajouté(e) in System Startup global entry!
2008-03-18 12:13:49 Autorisé(e) (based on user decision) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 12:13:49 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 12:17:36 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 14:38:37 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 14:45:03 Autorisé(e) (based on user decision) value "{512FC5A1-7DE1-43F1-BC0C-371622FCB409}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-18 14:52:08 Autorisé(e) (based on user decision) value "{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-18 18:02:20 Autorisé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") modifié(e) in Browser page!
2008-03-18 18:02:21 Autorisé(e) (based on user decision) value "Search Page" (new data: "") supprimé(e) in Browser page!
2008-03-18 18:02:23 Autorisé(e) (based on user decision) value "Start Page" (new data: "") supprimé(e) in Browser page!
2008-03-18 18:02:25 Autorisé(e) (based on user decision) value "Default_Search_URL" (new data: "") supprimé(e) in Browser page!
2008-03-18 18:02:29 Autorisé(e) (based on user decision) value "Search Page" (new data: "") supprimé(e) in Browser page!
2008-03-18 23:34:57 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 23:37:33 Autorisé(e) (based on user decision) value "avast!" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 23:40:57 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:01 Autorisé(e) (based on user decision) value "ctfmon.exe" (new data: "") supprimé(e) in System Startup user entry!
2008-03-19 00:28:02 Autorisé(e) (based on user decision) value "OE" (new data: "") supprimé(e) in System Startup user entry!
2008-03-19 00:28:03 Autorisé(e) (based on user decision) value "UfSeAgnt.exe" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:03 Autorisé(e) (based on user decision) value "NeroFilterCheck" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:04 Autorisé(e) (based on user decision) value "KBD" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:16 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-19 00:31:52 Autorisé(e) (based on user decision) value "ctfmon.exe" (new data: "C:\WINDOWS\system32\ctfmon.exe") ajouté(e) in System Startup user entry!
2008-03-19 00:32:00 Autorisé(e) (based on user decision) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:32:00 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-20 13:48:03 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-20 14:44:24 Refusé(e) (based on user decision) value "SpywareTerminator" (new data: "") supprimé(e) in System Startup global entry!
2008-03-20 14:47:48 Autorisé(e) (based on user decision) value "SpywareTerminator" (new data: "") supprimé(e) in System Startup global entry!
2008-03-22 15:33:17 Autorisé(e) (based on user decision) value "{512FC5A1-7DE1-43F1-BC0C-371622FCB409}" (new data: "") supprimé(e) in ActiveX Distribution Unit!
2008-03-24 02:12:46 Autorisé(e) (based on user decision) value "Orb" (new data: ""C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background") ajouté(e) in System Startup user entry!
2008-03-24 02:13:17 Autorisé(e) (based on user decision) value "{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" (new data: "Winamp Toolbar") ajouté(e) in Global browser toolbar!
2008-03-24 02:13:19 Autorisé(e) (based on user decision) value "{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}" (new data: "") ajouté(e) in Browser Helper Object!
2008-03-24 02:13:20 Autorisé(e) (based on user decision) value "&Winamp Toolbar Search" (new data: "") ajouté(e) in Browser menu extension!
2008-03-24 02:14:49 Autorisé(e) (based on user decision) value "WinampAgent" (new data: ""C:\Program Files\Winamp\winampa.exe"") ajouté(e) in System Startup global entry!
2008-03-24 02:39:44 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 03:34:20 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 05:09:43 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 05:11:41 Autorisé(e) (based on user decision) value "AlcxMonitor" (new data: ":ALCXMNTR.EXE") modifié(e) in System Startup global entry!
2008-03-24 05:12:09 Autorisé(e) (based on user decision) value "AlcxMonitor" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 05:20:09 Autorisé(e) (based on user decision) value "hpsysdrv" (new data: ":c:\windows\system\hpsysdrv.exe") modifié(e) in System Startup global entry!
2008-03-24 05:20:17 Autorisé(e) (based on user decision) value "hpsysdrv" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 05:24:23 Autorisé(e) (based on user decision) value "igfxhkcmd" (new data: ":C:\WINDOWS\system32\hkcmd.exe") modifié(e) in System Startup global entry!
2008-03-24 06:56:52 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 07:17:17 Autorisé(e) (based on user decision) value "Uniblue RegistryBooster 2" (new data: "C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S") ajouté(e) in System Startup user entry!
2008-03-24 07:40:43 Refusé(e) (based on user blacklist) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 07:56:31 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:00:01 Autorisé(e) (based on user decision) value "Orb" (new data: "") supprimé(e) in System Startup user entry!
2008-03-24 08:00:16 Autorisé(e) (based on user decision) value "{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" (new data: "") supprimé(e) in Global browser toolbar!
2008-03-24 08:00:18 Autorisé(e) (based on user decision) value "{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}" (new data: "") supprimé(e) in Browser Helper Object!
2008-03-24 08:00:19 Autorisé(e) (based on user decision) value "&Winamp Toolbar Search" (new data: "") supprimé(e) in Browser menu extension!
2008-03-24 08:14:53 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:23:00 Autorisé(e) (based on user decision) value "Yahoo! Pager" (new data: "") supprimé(e) in System Startup user entry!
2008-03-24 08:23:01 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-24 08:23:01 Autorisé(e) (based on user decision) value "UpdateManager" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:23:02 Autorisé(e) (based on user decision) value "WinampAgent" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:26:17 Autorisé(e) (based on user decision) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:26:18 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:30:35 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-24 08:33:20 Autorisé(e) (based on user whitelist) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:33:21 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 10:46:20 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 11:45:43 Autorisé(e) (based on user decision) value "Google Update" (new data: ""C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.0.103.3\GoogleUpdate.exe"") ajouté(e) in System Startup user entry!
2008-03-24 11:47:14 Autorisé(e) (based on user decision) value "Google Update" (new data: ""C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.1.17.0\GoogleUpdate.exe" /lang en") modifié(e) in System Startup user entry!
2008-03-24 18:40:42 Autorisé(e) (based on user decision) value "{512FC5A1-7DE1-43F1-BC0C-371622FCB409}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-24 18:44:53 Autorisé(e) (based on user decision) value "{8436FE12-31DB-48BF-83BF-FE682F9160B4}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-24 19:00:35 Autorisé(e) (based on user decision) value "{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-25 02:00:39 Autorisé(e) (based on user decision) value "{511F9316-771B-4953-A268-1C36DA667FE9}" (new data: "") supprimé(e) in ActiveX Distribution Unit!
2008-03-25 03:35:28 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-25 03:35:42 Refusé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 03:35:45 Refusé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 03:35:47 Refusé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 03:35:49 Refusé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 03:35:51 Refusé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 03:35:52 Refusé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 03:35:53 Refusé(e) (based on user decision) value "Default_Page_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome") modifié(e) in Browser page!
2008-03-25 03:35:55 Refusé(e) (based on user decision) value "Start Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home") ajouté(e) in Browser page!
2008-03-25 03:35:56 Refusé(e) (based on user decision) value "Default_Search_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 04:10:31 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-25 04:10:54 Autorisé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 04:10:55 Autorisé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 04:10:55 Autorisé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 04:10:56 Autorisé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 04:10:56 Autorisé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 04:10:57 Autorisé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 04:10:58 Autorisé(e) (based on user decision) value "Default_Page_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome") modifié(e) in Browser page!
2008-03-25 04:10:58 Autorisé(e) (based on user decision) value "Start Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home") ajouté(e) in Browser page!
2008-03-25 04:10:59 Autorisé(e) (based on user decision) value "Default_Search_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
Waiting for your reply
Vehement
2008-03-18 12:13:49 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 12:17:36 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 14:38:37 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 14:45:03 Autorisé(e) (based on user decision) value "{512FC5A1-7DE1-43F1-BC0C-371622FCB409}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-18 14:52:08 Autorisé(e) (based on user decision) value "{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-18 18:02:20 Autorisé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") modifié(e) in Browser page!
2008-03-18 18:02:21 Autorisé(e) (based on user decision) value "Search Page" (new data: "") supprimé(e) in Browser page!
2008-03-18 18:02:23 Autorisé(e) (based on user decision) value "Start Page" (new data: "") supprimé(e) in Browser page!
2008-03-18 18:02:25 Autorisé(e) (based on user decision) value "Default_Search_URL" (new data: "") supprimé(e) in Browser page!
2008-03-18 18:02:29 Autorisé(e) (based on user decision) value "Search Page" (new data: "") supprimé(e) in Browser page!
2008-03-18 23:34:57 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 23:37:33 Autorisé(e) (based on user decision) value "avast!" (new data: "") supprimé(e) in System Startup global entry!
2008-03-18 23:40:57 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:01 Autorisé(e) (based on user decision) value "ctfmon.exe" (new data: "") supprimé(e) in System Startup user entry!
2008-03-19 00:28:02 Autorisé(e) (based on user decision) value "OE" (new data: "") supprimé(e) in System Startup user entry!
2008-03-19 00:28:03 Autorisé(e) (based on user decision) value "UfSeAgnt.exe" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:03 Autorisé(e) (based on user decision) value "NeroFilterCheck" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:04 Autorisé(e) (based on user decision) value "KBD" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:28:16 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-19 00:31:52 Autorisé(e) (based on user decision) value "ctfmon.exe" (new data: "C:\WINDOWS\system32\ctfmon.exe") ajouté(e) in System Startup user entry!
2008-03-19 00:32:00 Autorisé(e) (based on user decision) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-19 00:32:00 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-20 13:48:03 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-20 14:44:24 Refusé(e) (based on user decision) value "SpywareTerminator" (new data: "") supprimé(e) in System Startup global entry!
2008-03-20 14:47:48 Autorisé(e) (based on user decision) value "SpywareTerminator" (new data: "") supprimé(e) in System Startup global entry!
2008-03-22 15:33:17 Autorisé(e) (based on user decision) value "{512FC5A1-7DE1-43F1-BC0C-371622FCB409}" (new data: "") supprimé(e) in ActiveX Distribution Unit!
2008-03-24 02:12:46 Autorisé(e) (based on user decision) value "Orb" (new data: ""C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background") ajouté(e) in System Startup user entry!
2008-03-24 02:13:17 Autorisé(e) (based on user decision) value "{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" (new data: "Winamp Toolbar") ajouté(e) in Global browser toolbar!
2008-03-24 02:13:19 Autorisé(e) (based on user decision) value "{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}" (new data: "") ajouté(e) in Browser Helper Object!
2008-03-24 02:13:20 Autorisé(e) (based on user decision) value "&Winamp Toolbar Search" (new data: "") ajouté(e) in Browser menu extension!
2008-03-24 02:14:49 Autorisé(e) (based on user decision) value "WinampAgent" (new data: ""C:\Program Files\Winamp\winampa.exe"") ajouté(e) in System Startup global entry!
2008-03-24 02:39:44 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 03:34:20 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 05:09:43 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 05:11:41 Autorisé(e) (based on user decision) value "AlcxMonitor" (new data: ":ALCXMNTR.EXE") modifié(e) in System Startup global entry!
2008-03-24 05:12:09 Autorisé(e) (based on user decision) value "AlcxMonitor" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 05:20:09 Autorisé(e) (based on user decision) value "hpsysdrv" (new data: ":c:\windows\system\hpsysdrv.exe") modifié(e) in System Startup global entry!
2008-03-24 05:20:17 Autorisé(e) (based on user decision) value "hpsysdrv" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 05:24:23 Autorisé(e) (based on user decision) value "igfxhkcmd" (new data: ":C:\WINDOWS\system32\hkcmd.exe") modifié(e) in System Startup global entry!
2008-03-24 06:56:52 Refusé(e) (based on user decision) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 07:17:17 Autorisé(e) (based on user decision) value "Uniblue RegistryBooster 2" (new data: "C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S") ajouté(e) in System Startup user entry!
2008-03-24 07:40:43 Refusé(e) (based on user blacklist) value "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}" (new data: "hex:02,BA,F2,EB,94,90,5A,4C,85,8B,BB,19,8F,3D,8D,E2") ajouté(e) in User-specific browser toolbar!
2008-03-24 07:56:31 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:00:01 Autorisé(e) (based on user decision) value "Orb" (new data: "") supprimé(e) in System Startup user entry!
2008-03-24 08:00:16 Autorisé(e) (based on user decision) value "{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}" (new data: "") supprimé(e) in Global browser toolbar!
2008-03-24 08:00:18 Autorisé(e) (based on user decision) value "{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}" (new data: "") supprimé(e) in Browser Helper Object!
2008-03-24 08:00:19 Autorisé(e) (based on user decision) value "&Winamp Toolbar Search" (new data: "") supprimé(e) in Browser menu extension!
2008-03-24 08:14:53 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:23:00 Autorisé(e) (based on user decision) value "Yahoo! Pager" (new data: "") supprimé(e) in System Startup user entry!
2008-03-24 08:23:01 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-24 08:23:01 Autorisé(e) (based on user decision) value "UpdateManager" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:23:02 Autorisé(e) (based on user decision) value "WinampAgent" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:26:17 Autorisé(e) (based on user decision) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:26:18 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:30:35 Autorisé(e) (based on user decision) value "MSConfig" (new data: "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto") ajouté(e) in System Startup global entry!
2008-03-24 08:33:20 Autorisé(e) (based on user whitelist) value "MSConfig" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 08:33:21 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 10:46:20 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-24 11:45:43 Autorisé(e) (based on user decision) value "Google Update" (new data: ""C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.0.103.3\GoogleUpdate.exe"") ajouté(e) in System Startup user entry!
2008-03-24 11:47:14 Autorisé(e) (based on user decision) value "Google Update" (new data: ""C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Update\1.1.17.0\GoogleUpdate.exe" /lang en") modifié(e) in System Startup user entry!
2008-03-24 18:40:42 Autorisé(e) (based on user decision) value "{512FC5A1-7DE1-43F1-BC0C-371622FCB409}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-24 18:44:53 Autorisé(e) (based on user decision) value "{8436FE12-31DB-48BF-83BF-FE682F9160B4}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-24 19:00:35 Autorisé(e) (based on user decision) value "{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}" (new data: "") ajouté(e) in ActiveX Distribution Unit!
2008-03-25 02:00:39 Autorisé(e) (based on user decision) value "{511F9316-771B-4953-A268-1C36DA667FE9}" (new data: "") supprimé(e) in ActiveX Distribution Unit!
2008-03-25 03:35:28 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-25 03:35:42 Refusé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 03:35:45 Refusé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 03:35:47 Refusé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 03:35:49 Refusé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 03:35:51 Refusé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 03:35:52 Refusé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 03:35:53 Refusé(e) (based on user decision) value "Default_Page_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome") modifié(e) in Browser page!
2008-03-25 03:35:55 Refusé(e) (based on user decision) value "Start Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home") ajouté(e) in Browser page!
2008-03-25 03:35:56 Refusé(e) (based on user decision) value "Default_Search_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 04:10:31 Refusé(e) (based on user blacklist) value "*Restore" (new data: "") supprimé(e) in System Startup global entry!
2008-03-25 04:10:54 Autorisé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 04:10:55 Autorisé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 04:10:55 Autorisé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 04:10:56 Autorisé(e) (based on user decision) value "Local Page" (new data: "C:\windows\system32\blank.htm") modifié(e) in Browser page!
2008-03-25 04:10:56 Autorisé(e) (based on user decision) value "Search Bar" (new data: "") supprimé(e) in Browser page!
2008-03-25 04:10:57 Autorisé(e) (based on user decision) value "Search Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
2008-03-25 04:10:58 Autorisé(e) (based on user decision) value "Default_Page_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome") modifié(e) in Browser page!
2008-03-25 04:10:58 Autorisé(e) (based on user decision) value "Start Page" (new data: "http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home") ajouté(e) in Browser page!
2008-03-25 04:10:59 Autorisé(e) (based on user decision) value "Default_Search_URL" (new data: "http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch") ajouté(e) in Browser page!
Waiting for your reply
Vehement
Anonymous user
25 March 2008 at 20:08
Honestly, I think it's a waste of time: the log is far too long to read, so you should just rely on the program and run the cleanup. If the antivirus no longer detects anything, Spybot and Ad-Aware have been run, and you have cleaned your registry with a program like CCleaner, and you still have problems, then maybe you are due for a reinstall of XP. If you back up your data on a second partition, that's even better.
Tip: what I do is keep a partition and change the path of My Documents in Properties. I set it to d:/Mes Documents, so everything I put in My Documents (music, videos, pictures, personal documents, shared files) automatically ends up on my D drive. So if there's a problem I don't rack my brain: I reinstall and I still have my backup.
Hi again :)
Yeah, I imagine reading that log is a real headache, hehe, but now my PC seems clean to me. I still have a fairly big problem, though: RAM usage is too high. I have practically nothing open and RAM is at 80% used. Is there a way to check whether everything is normal on that side, or is there a program to scan the RAM?
I went and got the Panda 2008 trial, and here is the log of what it cleaned for me :)
Rapport des incidents de Panda Antivirus 2008
EVENEMENT DATE RESULTAT INFORMATIONS SUPPLEMENTAIRES
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:16:05 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[2].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:16:05 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[1].txt
Logiciel espion détecté : Cookie/Doubleclick 27/03/08 17:15:55 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@doubleclick[2].txt
Logiciel espion détecté : Cookie/Doubleclick 27/03/08 17:15:54 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@doubleclick[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:15:51 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:15:51 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[2].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:15:51 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@bs.serving-sys[1].txt
Logiciel espion détecté : Cookie/Tribalfusion 27/03/08 17:15:50 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@tribalfusion[1].txt
Logiciel espion détecté : Cookie/Tribalfusion 27/03/08 17:15:18 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@tribalfusion[1].txt
Logiciel espion détecté : Cookie/Doubleclick 27/03/08 17:15:13 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@doubleclick[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:15:10 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@bs.serving-sys[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:15:10 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[2].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:15:10 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[1].txt
Logiciel espion détecté : Cookie/Tribalfusion 27/03/08 17:15:08 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@tribalfusion[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:14:28 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@bs.serving-sys[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:14:28 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:14:28 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[2].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:13:50 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@bs.serving-sys[1].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:13:50 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[2].txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:13:50 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@canypvru.txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 17:13:49 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@serving-sys[1].txt
Logiciel espion détecté : Cookie/Tribalfusion 27/03/08 17:13:49 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@tribalfusion[1].txt
Logiciel espion détecté : Cookie/Tribalfusion 27/03/08 17:13:37 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@tribalfusion[1].txt
Logiciel espion détecté : Cookie/YieldManager 27/03/08 17:12:35 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@ad.yieldmanager[1].txt
Logiciel espion détecté : Cookie/YieldManager 27/03/08 17:11:54 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@ad.yieldmanager[1].txt
Logiciel espion détecté : Cookie/YieldManager 27/03/08 17:11:54 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@ad.yieldmanager[2].txt
Fin de l'analyse 27/03/08 17:11:49 Analyse : Tout mon PC
Logiciel espion détecté : Cookie/adultfriendfinder 27/03/08 17:02:29 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@adultfriendfinder[1].txt
Logiciel espion détecté : Cookie/adultfriendfinder 27/03/08 17:02:29 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@adultfriendfinder[2].txt
Logiciel espion détecté : Cookie/Yadro 27/03/08 16:59:24 Eliminé Emplacement : c:\documents and settings\propriétaire\cookies\propriétaire@yadro[2].txt
Logiciel espion détecté : Cookie/Smartadserver 27/03/08 16:41:30 Eliminé Emplacement : C:\RECYCLER\S-1-5-21-2503771611-808719488-2511317254-1003\Dc1973.txt
Logiciel espion détecté : Cookie/Yadro 27/03/08 16:41:30 Eliminé Emplacement : C:\RECYCLER\S-1-5-21-2503771611-808719488-2511317254-1003\Dc1980.txt
Logiciel espion détecté : Cookie/YieldManager 27/03/08 16:41:30 Eliminé Emplacement : C:\RECYCLER\S-1-5-21-2503771611-808719488-2511317254-1003\Dc1944.txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 16:41:30 Eliminé Emplacement : C:\RECYCLER\S-1-5-21-2503771611-808719488-2511317254-1003\Dc1972.txt
Logiciel espion détecté : Cookie/Atlas DMT 27/03/08 16:41:30 Eliminé Emplacement : C:\RECYCLER\S-1-5-21-2503771611-808719488-2511317254-1003\Dc1949.txt
Logiciel espion détecté : Cookie/Serving-sys 27/03/08 16:41:30 Eliminé Emplacement : C:\RECYCLER\S-1-5-21-2503771611-808719488-2511317254-1003\Dc1950.txt
Début de l'analyse 27/03/08 15:54:24 Analyse : Tout mon PC
Programme de surveillance détecté : Application/SuperFast 27/03/08 15:12:19 Eliminé Emplacement : C:\Documents and Settings\Propriétaire\Bureau\SmitfraudFix\restart.exe
Programme de surveillance détecté : Application/Processor 27/03/08 15:12:18 Eliminé Emplacement : C:\Documents and Settings\Propriétaire\Bureau\SmitfraudFix\Process.exe
Logiciel publicitaire détecté : adware/ist.sidefind 27/03/08 15:00:26 Eliminé Emplacement : HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}
Numéroteur détecté : dialer.cn 27/03/08 15:00:10 Eliminé Emplacement : HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{511F9316-771B-4953-A268-1C36DA667FE9}
Mise à jour 27/03/08 14:56:44 Correcte Signatures de menaces
Virus détecté : Trj/Rebooter.J 27/03/08 14:56:33 Désinfecté Emplacement : C:\Documents and Settings\Propriétaire\Bureau\SmitfraudFix.exe
Mise à jour 27/03/08 14:56:01 Correcte Nouvelles signatures de menaces : 21726
Virus détecté : Trj/Rebooter.J 27/03/08 14:55:47 Désinfecté Emplacement : C:\Documents and Settings\Propriétaire\Application Data\Uniblue\SpyEraser\Quarantine\Riskware-P2P.Reboot.f_27_03_2008_13_36_00.asq41
Virus détecté : Trj/Rebooter.J 27/03/08 14:55:46 Désinfecté Emplacement : C:\Documents and Settings\Propriétaire\Application Data\Uniblue\SpyEraser\Quarantine\Riskware-P2P.Reboot.f_27_03_2008_06_45_57.asq6729
Virus détecté : 27/03/08 14:55:39 Désinfecté Emplacement : C:\Documents and Settings\Propriétaire\Application Data\Uniblue\SpyEraser\Quarantine\Cookie.Tracking-Cookie_27_03_2008_06_45_40.asq18467
Logiciel espion détecté : Cookie/Smartadserver 27/03/08 14:55:34 Eliminé Emplacement : C:\Documents and Settings\Propriétaire\Application Data\Uniblue\SpyEraser\Quarantine\Cookie.SmartAdServer.com_27_03_2008_06_45_40.asq26500
Début de l'analyse 27/03/08 14:47:14 Analyse : Tout mon PC
So my last question is about the RAM: is there a program to clear the memory, or scan it, or something like that?
Thanks for your help :)
Vehement