Junk to get rid of

Solved/Closed
lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 - 25 April 2008 at 15:13
lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 - 10 May 2008 at 17:40
Hi everyone,

Since yesterday, I've had IE windows opening by themselves, such as:
"http://82.98.235.210/go//?cmp=vm_cmp793_xt&uid=23B2721C10AC11DDBC8D152174CFFFFF&guid=2079DCEE13EF4885BC772E7672A02413&affid=152174&rid=ggthnks&lid=http" with the title "HTTP 404 non trouvé"
or "http://85.12.43.98/www/delivery/afr.php?n=a7b11b84&zoneid=59" "Advertissement Windows IE ", empty
or ads for games, "http://www.cotedazurpalace.com/lnd/fr/?lnd_index=p200g500b800".
On top of that, my PC is slow and crashes. I'd even say it's seriously acting up; right now, for example, it drops letters or doesn't put in the spaces!
I really need a doctor ;)
If someone can help me, I know how long and tedious a cleanup is, but I thank you in advance because on my own, I don't know where to start.
I have, of course, run all the usual scans (Avast, CCleaner, Spybot, AdAware), which found nothing.
AVG is scanning right now, I'll let you know, lol
I'll then run HijackThis afterwards and post that for you.
See you in a bit

9 replies

Ajbol Posts 3015 Registration date Thursday 16 November 2006 Status Member Last activity 23 January 2012 403
25 April 2008 at 15:17
Disinfection kit:

1: Uninstall your current antivirus
2: Download Antivir, update it and scan your system.
FR tutorial: http://www.tutopat.com/viewtopic.php?t=2417 or https://www.malekal.com/avira-free-security-antivirus-gratuit/ or http://speedweb1.free.fr/frames2.php?page=tuto5
3: Download Adaware, Spybot
4: Update each of these programs and run them on the entire hard drive
5: Download Ccleaner
FR tutorial: http://www.internetmonitor.lu/download/ccleaner_27082006.pdf

6: Come back and give us an update.

Why Antivir and not Avast: http://forum.malekal.com/ftopic3528.php
1
Hello,

I have exactly the same problem as the previous person; on top of that, my browsers are stuck: for example, when I type something to search for on Google (in IE or Opera), it stays on the search page and loads, loads, loads... without finding anything, it's depressing....

Help :)
0
Ajbol Posts 3015 Registration date Thursday 16 November 2006 Status Member Last activity 23 January 2012 403
25 April 2008 at 15:20
Well, try the same remedies...
0
lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 12
25 April 2008 at 15:37
OK, thanks Ajbol, I'm on it!
See you later
0
lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 12
25 April 2008 at 18:30
Right, well, here it is, what do you think?



AntiVir PersonalEdition Classic
Report file date: vendredi 25 avril 2008 15:36

Scanning for 740715 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: Owen & Ethan
Computer name: GOLLUM

Version information:
BUILD.DAT : 248 14437 Bytes 31/05/2007 16:59:00
AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
ANTIVIR1.VDF : 6.37.1.151 4303360 Bytes 23/02/2007 13:09:01
ANTIVIR2.VDF : 6.38.0.214 729600 Bytes 12/04/2007 13:09:02
ANTIVIR3.VDF : 6.38.0.225 50688 Bytes 16/04/2007 13:09:02
AVEWIN32.DLL : 7.4.0.12 2404864 Bytes 13/04/2007 13:04:24
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.8 360488 Bytes 27/03/2007 07:48:28
AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:26
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 25 avril 2008 15:36

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '0' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '0' Module(s) have been scanned
Scan process 'avguard.exe' - '0' Module(s) have been scanned
Scan process 'sched.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'VSSVC.exe' - '0' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'ieuser.exe' - '1' Module(s) have been scanned
Scan process 'ashSimpl.exe' - '0' Module(s) have been scanned
Scan process 'avgwb.dat' - '1' Module(s) have been scanned
Scan process 'Ad-Aware2007.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '0' Module(s) have been scanned
Scan process 'HPHC_Service.exe' - '0' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned
Scan process 'TosBtHid.exe' - '1' Module(s) have been scanned
Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned
Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned
Scan process 'LVComSX.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '0' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'avgcc.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'WebCam10.exe' - '1' Module(s) have been scanned
Scan process 'mobsync.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'schtasks.exe' - '1' Module(s) have been scanned
Scan process 'jureg.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '0' Module(s) have been scanned
Scan process 'OSD.exe' - '1' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '0' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'TosBtSrv.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'NBService.exe' - '0' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '0' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '0' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'avgemc.exe' - '0' Module(s) have been scanned
Scan process 'avgrssvc.exe' - '0' Module(s) have been scanned
Scan process 'avgrssvc.exe' - '0' Module(s) have been scanned
Scan process 'avgupsvc.exe' - '0' Module(s) have been scanned
Scan process 'avgamsvr.exe' - '0' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'spoolsv.exe' - '0' Module(s) have been scanned
Scan process 'ashServ.exe' - '0' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '0' Module(s) have been scanned
Scan process 'aawservice.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'winlogon.exe' - '0' Module(s) have been scanned
Scan process 'SLsvc.exe' - '0' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'lsm.exe' - '0' Module(s) have been scanned
Scan process 'lsass.exe' - '0' Module(s) have been scanned
Scan process 'services.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'wininit.exe' - '0' Module(s) have been scanned
Scan process 'csrss.exe' - '0' Module(s) have been scanned
Scan process 'smss.exe' - '0' Module(s) have been scanned
34 processes with 34 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0005
[NOTE] Please restart the search with Administrator rights
Boot sector 'D:\'
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0005
[NOTE] Please restart the search with Administrator rights
Boot sector 'F:\'
[NOTE] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '28' files ).


Starting the file scan:

Begin scan in 'C:\' <HP>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\amstream.dll
[WARNING] The file could not be opened!
C:\Program Files\d3d8.dll
[WARNING] The file could not be opened!
C:\Program Files\d3d9.dll
[WARNING] The file could not be opened!
C:\Program Files\d3dim.dll
[WARNING] The file could not be opened!
C:\Program Files\d3dim700.dll
[WARNING] The file could not be opened!
C:\Program Files\d3dpmesh.dll
[WARNING] The file could not be opened!
C:\Program Files\d3dramp.dll
[WARNING] The file could not be opened!
C:\Program Files\d3drm.dll
[WARNING] The file could not be opened!
C:\Program Files\d3dxof.dll
[WARNING] The file could not be opened!
C:\Program Files\ddhelp.exe
[WARNING] The file could not be opened!
C:\Program Files\ddraw.dll
[WARNING] The file could not be opened!
C:\Program Files\ddraw16.dll
[WARNING] The file could not be opened!
C:\Program Files\ddrawex.dll
[WARNING] The file could not be opened!
C:\Program Files\devenum.dll
[WARNING] The file could not be opened!
C:\Program Files\diactfrm.dll
[WARNING] The file could not be opened!
C:\Program Files\dimap.dll
[WARNING] The file could not be opened!
C:\Program Files\dinput.dll
[WARNING] The file could not be opened!
C:\Program Files\dinput8.dll
[WARNING] The file could not be opened!
C:\Program Files\dmband.dll
[WARNING] The file could not be opened!
C:\Program Files\dmcompos.dll
[WARNING] The file could not be opened!
C:\Program Files\dmime.dll
[WARNING] The file could not be opened!
C:\Program Files\dmloader.dll
[WARNING] The file could not be opened!
C:\Program Files\dmscript.dll
[WARNING] The file could not be opened!
C:\Program Files\dmstyle.dll
[WARNING] The file could not be opened!
C:\Program Files\dmsynth.dll
[WARNING] The file could not be opened!
C:\Program Files\dmusic.dll
[WARNING] The file could not be opened!
C:\Program Files\dmusic16.dll
[WARNING] The file could not be opened!
C:\Program Files\dmusic32.dll
[WARNING] The file could not be opened!
C:\Program Files\dplaysvr.exe
[WARNING] The file could not be opened!
C:\Program Files\dplayx.dll
[WARNING] The file could not be opened!
C:\Program Files\dpmodemx.dll
[WARNING] The file could not be opened!
C:\Program Files\dpnaddr.dll
[WARNING] The file could not be opened!
C:\Program Files\dpnet.dll
[WARNING] The file could not be opened!
C:\Program Files\dpnhpast.dll
[WARNING] The file could not be opened!
C:\Program Files\dpnhupnp.dll
[WARNING] The file could not be opened!
C:\Program Files\dpnlobby.dll
[WARNING] The file could not be opened!
C:\Program Files\dpnsvr.exe
[WARNING] The file could not be opened!
C:\Program Files\dpvacm.dll
[WARNING] The file could not be opened!
C:\Program Files\dpvoice.dll
[WARNING] The file could not be opened!
C:\Program Files\dpvsetup.exe
[WARNING] The file could not be opened!
C:\Program Files\dpvvox.dll
[WARNING] The file could not be opened!
C:\Program Files\dpwsockx.dll
[WARNING] The file could not be opened!
C:\Program Files\dsdmo.dll
[WARNING] The file could not be opened!
C:\Program Files\dsdmoprp.dll
[WARNING] The file could not be opened!
C:\Program Files\dsound.dll
[WARNING] The file could not be opened!
C:\Program Files\dsound3d.dll
[WARNING] The file could not be opened!
C:\Program Files\dswave.dll
[WARNING] The file could not be opened!
C:\Program Files\dx7vb.dll
[WARNING] The file could not be opened!
C:\Program Files\dx8vb.dll
[WARNING] The file could not be opened!
C:\Program Files\dxapi.sys
[WARNING] The file could not be opened!
C:\Program Files\dxdiag.exe
[WARNING] The file could not be opened!
C:\Program Files\dxdiagn.dll
[WARNING] The file could not be opened!
C:\Program Files\dxdllreg.exe
[WARNING] The file could not be opened!
C:\Program Files\dxmigr.dll
[WARNING] The file could not be opened!
C:\Program Files\dxtmsft.dll
[WARNING] The file could not be opened!
C:\Program Files\dxtrans.dll
[WARNING] The file could not be opened!
C:\Program Files\encapi.dll
[WARNING] The file could not be opened!
C:\Program Files\gameenum.sys
[WARNING] The file could not be opened!
C:\Program Files\gcdef.dll
[WARNING] The file could not be opened!
C:\Program Files\gchand.dll
[WARNING] The file could not be opened!
C:\Program Files\hidgame.sys
[WARNING] The file could not be opened!
C:\Program Files\ks.sys
[WARNING] The file could not be opened!
C:\Program Files\ks98.sys
[WARNING] The file could not be opened!
C:\Program Files\ksse.sys
[WARNING] The file could not be opened!
C:\Program Files\ksuser.dll
[WARNING] The file could not be opened!
C:\Program Files\mciqtz32.dll
[WARNING] The file could not be opened!
C:\Program Files\migrate.dll
[WARNING] The file could not be opened!
C:\Program Files\msdmo.dll
[WARNING] The file could not be opened!
C:\Program Files\mskssrv.sys
[WARNING] The file could not be opened!
C:\Program Files\mspclock.sys
[WARNING] The file could not be opened!
C:\Program Files\mstee.sys
[WARNING] The file could not be opened!
C:\Program Files\mswebdvd.dll
[WARNING] The file could not be opened!
C:\Program Files\pid.dll
[WARNING] The file could not be opened!
C:\Program Files\qasf.dll
[WARNING] The file could not be opened!
C:\Program Files\qcap.dll
[WARNING] The file could not be opened!
C:\Program Files\qdv.dll
[WARNING] The file could not be opened!
C:\Program Files\qdvd.dll
[WARNING] The file could not be opened!
C:\Program Files\qedit.dll
[WARNING] The file could not be opened!
C:\Program Files\qedwipes.dll
[WARNING] The file could not be opened!
C:\Program Files\quartz.dll
[WARNING] The file could not be opened!
C:\Program Files\stream.sys
[WARNING] The file could not be opened!
C:\Program Files\stream98.sys
[WARNING] The file could not be opened!
C:\Program Files\swenum.sys
[WARNING] The file could not be opened!
C:\Program Files\swenum98.sys
[WARNING] The file could not be opened!
C:\Program Files\swenumse.sys
[WARNING] The file could not be opened!
C:\Program Files\vidx16.dll
[WARNING] The file could not be opened!
Begin scan in 'D:\' <FACTORY_IMAGE>
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'G:\'
Search path G:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'H:\'
Search path H:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'I:\'
Search path I:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: vendredi 25 avril 2008 17:58
Used time: 2:22:10 min

The scan has been done completely.

22329 Scanning directories
599814 Files were scanned
0 viruses and/or unwanted programs were found
0 classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
88 Files cannot be scanned
599814 Files not concerned
5219 Archives were scanned
88 Warnings
0 Notes
0 Hidden objects were found
0

lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 12
26 April 2008 at 09:38
Hi,

If someone can and wants to help me, that would be really nice.... Yesterday, I may have done something stupid: in safe mode I deleted something stored in "AppData/Local/Temp/...(I don't remember the name)", and I have one fewer ad but one fewer application too, lol
And still the same problems ......
I'm posting a HijackThis scan; if you have a solution, thanks in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:58, on 21/02/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\jureg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Owen & Ethan\Downloads\VundoFix.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DoesBird] "C:\ProgramData\Upload Deaf Deaf.83ow7"
O4 - HKCU\..\Run: [Long Internet Team Stupid] "C:\ProgramData\four acid bend.zt243ts"
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
0
lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 12
26 April 2008 at 10:40
And here is the one from Navilog:



Search Navipromo version 3.5.5 commencé le 26/04/2008 à 10:24:05,50

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Owen & Ethan"

Mise à jour le 25.04.2008 à 22h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\fred\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\Owen & Ethan\AppData\Roaming" ***


*** Recherche dossiers dans "C:\Users\fred\appdata\roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

gnc.exe absent, Recherche non effectuee dans "C:\Windows\system32" !

* Recherche dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" *

gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" !

* Recherche dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" *

gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" !

* Recherche dans "C:\Users\Owen & Ethan\AppData\Local" *

gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local" !



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" :


* Dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\Owen & Ethan\AppData\Local" :


* Dans "C:\Users\fred\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 26/04/2008 à 10:37:27,69 ***
0
lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 12
26 April 2008 at 14:00
Still nobody? :'(
I really don't know where to start.....pretty please :D
0
med365 Posts 16 Registration date Sunday 27 April 2008 Status Member Last activity 28 April 2008
27 April 2008 at 20:24
Hello

Let's go straight to MalwareBytes Antimalware:

Download MalwareBytes Antimalware: http://www.malwarebytes.org/mbam.php
Update it
Run a full scan of your system
Delete everything
Save the report and post it in your next reply along with a new HijackThis log

See you
0
lutifan Posts 85 Registration date Wednesday 2 January 2008 Status Member Last activity 31 January 2014 12
10 May 2008 at 17:40
Oops, hi and sorry, I tinkered with the help of an acquaintance, and with this software among many others I cleaned everything up.
I don't like leaving my PC sick; I understand that you're not available right away and I thank you again for trying to help me. It was so complicated for my little blonde brain that I admit I completely forgot about the forum :/
Again, sorry for my rudeness....
0