Cochonneries à virer

Résolu
lutifan Messages postés 87 Statut Membre -  
lutifan Messages postés 87 Statut Membre -
Salut à tous,

J'ai depuis hier, des fenêtrs IE qui s'ouvrent toutes seules du style :
"http://82.98.235.210/go//?cmp=vm_cmp793_xt&uid=23B2721C10AC11DDBC8D152174CFFFFF&guid=2079DCEE13EF4885BC772E7672A02413&affid=152174&rid=ggthnks&lid=http" avec comme titre "HHTP 404 non trouvé"
ou encore "http://85.12.43.98/www/delivery/afr.php?n=a7b11b84&zoneid=59" "Advertissement Windows IE " vide
ou des pubs de jeux, "http://www.cotedazurpalace.com/lnd/fr/?lnd_index=p200g500b800".
De plus, mon pc rame et plante. Je dirais même qu'il déconne sérieux, là, par exemple, il oublie des lettres ou ne met pas les espaces !
J'ai vraiment besoin d'un docteur ;)
Si quelqu'un peut m'aider, je sais à quel point c'est long et pénible de faire un nettoyage mais je vous remercie d'avance car toute seule,e ne sais pas par où ommencer.
J'ai, évidemment, fait tous les scans habituels (Avast, CCleaner, Spybot, AdAware) qui n'ont rien trouvé.
AVG est en train de chercher, je vous dis "quoi", lol
Je lancerai donc à Hijackthis après et je vous poste ça.
à tout'
Configuration: Windows Vista
Internet Explorer 7.0

9 réponses

  1. Ajbol Messages postés 3034 Statut Membre 403
     
    Kit de désinfection :

    1 : Désinstalle ton antivirus actuel
    2 : Télécharge Antivir, mets à jour et scanne ton système.
    Tutorial FR : http://www.tutopat.com/viewtopic.php?t=2417 ou bien https://www.malekal.com/avira-free-security-antivirus-gratuit/ ou bien http://speedweb1.free.fr/frames2.php?page=tuto5
    3 : Télécharge Adaware, Spybot
    4 : Mets chacun de ces logiciels à jour et fais les tourner sur l’entièreté du disque dur
    5 : Télécharge Ccleaner
    Tutorial FR : http://www.internetmonitor.lu/download/ccleaner_27082006.pdf

    6 : Reviens nous donner des nouvelles.

    Pourquoi Antivir et pas Avast : http://forum.malekal.com/ftopic3528.php
    1
  2. enlérga
     
    Bonjour,

    J'ai exactement le même problème que la personne précédente, de plus mes navigateurs sont bloqués par exemple quand je tape un truc a cherché sur google ( sur ie ou opéra) il reste a la page de recherche et charge charge charge...sans trouver, c'est dépriment....

    A l'aide :)
    0
    1. Ajbol Messages postés 3034 Statut Membre 403
       
      Ben, essaie les mêmes remèdes...
      0
  3. lutifan Messages postés 87 Statut Membre 12
     
    Ok, merci Ajbol, j'y cours !
    à plus
    0
  4. lutifan Messages postés 87 Statut Membre 12
     
    Bon bah voilà, qu'en penses-tu?

    AntiVir PersonalEdition Classic
    Report file date: vendredi 25 avril 2008 15:36

    Scanning for 740715 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows Vista
    Windows version: (plain) [6.0.6000]
    Username: Owen & Ethan
    Computer name: GOLLUM

    Version information:
    BUILD.DAT : 248 14437 Bytes 31/05/2007 16:59:00
    AVSCAN.EXE : 7.0.4.15 282664 Bytes 20/04/2007 11:37:14
    AVSCAN.DLL : 7.0.4.4 33832 Bytes 27/03/2007 11:31:54
    LUKE.DLL : 7.0.4.11 143400 Bytes 27/03/2007 11:26:04
    LUKERES.DLL : 7.0.4.0 10280 Bytes 19/03/2007 11:18:59
    ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 13:08:58
    ANTIVIR1.VDF : 6.37.1.151 4303360 Bytes 23/02/2007 13:09:01
    ANTIVIR2.VDF : 6.38.0.214 729600 Bytes 12/04/2007 13:09:02
    ANTIVIR3.VDF : 6.38.0.225 50688 Bytes 16/04/2007 13:09:02
    AVEWIN32.DLL : 7.4.0.12 2404864 Bytes 13/04/2007 13:04:24
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
    AVPREF.DLL : 7.0.2.1 24616 Bytes 27/03/2007 11:31:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
    AVPACK32.DLL : 7.3.0.8 360488 Bytes 27/03/2007 07:48:28
    AVREG.DLL : 7.0.1.2 31784 Bytes 15/03/2007 08:05:08
    AVEVTLOG.DLL : 7.0.0.18 86056 Bytes 27/03/2007 11:16:05
    AVARKT.DLL : 1.0.0.17 278568 Bytes 02/05/2007 10:32:26
    NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
    RCIMAGE.DLL : 7.0.1.15 2228264 Bytes 13/03/2007 09:46:18
    RCTEXT.DLL : 7.0.45.0 86056 Bytes 19/03/2007 11:42:42

    Configuration settings for the scan:
    Jobname..........................: Local Drives
    Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: E:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: vendredi 25 avril 2008 15:36

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'SearchFilterHost.exe' - '0' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '0' Module(s) have been scanned
    Scan process 'avguard.exe' - '0' Module(s) have been scanned
    Scan process 'sched.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'VSSVC.exe' - '0' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'iexplore.exe' - '1' Module(s) have been scanned
    Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
    Scan process 'ieuser.exe' - '1' Module(s) have been scanned
    Scan process 'ashSimpl.exe' - '0' Module(s) have been scanned
    Scan process 'avgwb.dat' - '1' Module(s) have been scanned
    Scan process 'Ad-Aware2007.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'SearchProtocolHost.exe' - '0' Module(s) have been scanned
    Scan process 'HPHC_Service.exe' - '0' Module(s) have been scanned
    Scan process 'kbd.exe' - '1' Module(s) have been scanned
    Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned
    Scan process 'TosBtHid.exe' - '1' Module(s) have been scanned
    Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned
    Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned
    Scan process 'LVComSX.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '0' Module(s) have been scanned
    Scan process 'sidebar.exe' - '1' Module(s) have been scanned
    Scan process 'avgcc.exe' - '1' Module(s) have been scanned
    Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
    Scan process 'WebCam10.exe' - '1' Module(s) have been scanned
    Scan process 'mobsync.exe' - '1' Module(s) have been scanned
    Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
    Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
    Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
    Scan process 'schtasks.exe' - '1' Module(s) have been scanned
    Scan process 'jureg.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
    Scan process 'WUDFHost.exe' - '0' Module(s) have been scanned
    Scan process 'OSD.exe' - '1' Module(s) have been scanned
    Scan process 'SDWinSec.exe' - '0' Module(s) have been scanned
    Scan process 'SearchIndexer.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'TosBtSrv.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'NBService.exe' - '0' Module(s) have been scanned
    Scan process 'LSSrvc.exe' - '0' Module(s) have been scanned
    Scan process 'IAANTmon.exe' - '0' Module(s) have been scanned
    Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
    Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
    Scan process 'avgemc.exe' - '0' Module(s) have been scanned
    Scan process 'avgrssvc.exe' - '0' Module(s) have been scanned
    Scan process 'avgrssvc.exe' - '0' Module(s) have been scanned
    Scan process 'avgupsvc.exe' - '0' Module(s) have been scanned
    Scan process 'avgamsvr.exe' - '0' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'dwm.exe' - '1' Module(s) have been scanned
    Scan process 'taskeng.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '0' Module(s) have been scanned
    Scan process 'ashServ.exe' - '0' Module(s) have been scanned
    Scan process 'aswUpdSv.exe' - '0' Module(s) have been scanned
    Scan process 'aawservice.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'winlogon.exe' - '0' Module(s) have been scanned
    Scan process 'SLsvc.exe' - '0' Module(s) have been scanned
    Scan process 'audiodg.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '0' Module(s) have been scanned
    Scan process 'lsm.exe' - '0' Module(s) have been scanned
    Scan process 'lsass.exe' - '0' Module(s) have been scanned
    Scan process 'services.exe' - '0' Module(s) have been scanned
    Scan process 'csrss.exe' - '0' Module(s) have been scanned
    Scan process 'wininit.exe' - '0' Module(s) have been scanned
    Scan process 'csrss.exe' - '0' Module(s) have been scanned
    Scan process 'smss.exe' - '0' Module(s) have been scanned
    34 processes with 34 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    [WARNING] The boot sector file could not be read!
    [WARNING] Error code: 0x0005
    [NOTE] Please restart the search with Administrator rights
    Boot sector 'D:\'
    [NOTE] No virus was found!
    [WARNING] The boot sector file could not be read!
    [WARNING] Error code: 0x0005
    [NOTE] Please restart the search with Administrator rights
    Boot sector 'F:\'
    [NOTE] In the drive 'F:\' no data medium is inserted!
    Boot sector 'G:\'
    [NOTE] In the drive 'G:\' no data medium is inserted!
    Boot sector 'H:\'
    [NOTE] In the drive 'H:\' no data medium is inserted!
    Boot sector 'I:\'
    [NOTE] In the drive 'I:\' no data medium is inserted!

    Starting to scan the registry.
    The registry was scanned ( '28' files ).

    Starting the file scan:

    Begin scan in 'C:\' <HP>
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Program Files\amstream.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3d8.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3d9.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3dim.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3dim700.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3dpmesh.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3dramp.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3drm.dll
    [WARNING] The file could not be opened!
    C:\Program Files\d3dxof.dll
    [WARNING] The file could not be opened!
    C:\Program Files\ddhelp.exe
    [WARNING] The file could not be opened!
    C:\Program Files\ddraw.dll
    [WARNING] The file could not be opened!
    C:\Program Files\ddraw16.dll
    [WARNING] The file could not be opened!
    C:\Program Files\ddrawex.dll
    [WARNING] The file could not be opened!
    C:\Program Files\devenum.dll
    [WARNING] The file could not be opened!
    C:\Program Files\diactfrm.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dimap.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dinput.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dinput8.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmband.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmcompos.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmime.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmloader.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmscript.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmstyle.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmsynth.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmusic.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmusic16.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dmusic32.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dplaysvr.exe
    [WARNING] The file could not be opened!
    C:\Program Files\dplayx.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpmodemx.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpnaddr.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpnet.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpnhpast.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpnhupnp.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpnlobby.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpnsvr.exe
    [WARNING] The file could not be opened!
    C:\Program Files\dpvacm.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpvoice.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpvsetup.exe
    [WARNING] The file could not be opened!
    C:\Program Files\dpvvox.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dpwsockx.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dsdmo.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dsdmoprp.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dsound.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dsound3d.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dswave.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dx7vb.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dx8vb.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dxapi.sys
    [WARNING] The file could not be opened!
    C:\Program Files\dxdiag.exe
    [WARNING] The file could not be opened!
    C:\Program Files\dxdiagn.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dxdllreg.exe
    [WARNING] The file could not be opened!
    C:\Program Files\dxmigr.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dxtmsft.dll
    [WARNING] The file could not be opened!
    C:\Program Files\dxtrans.dll
    [WARNING] The file could not be opened!
    C:\Program Files\encapi.dll
    [WARNING] The file could not be opened!
    C:\Program Files\gameenum.sys
    [WARNING] The file could not be opened!
    C:\Program Files\gcdef.dll
    [WARNING] The file could not be opened!
    C:\Program Files\gchand.dll
    [WARNING] The file could not be opened!
    C:\Program Files\hidgame.sys
    [WARNING] The file could not be opened!
    C:\Program Files\ks.sys
    [WARNING] The file could not be opened!
    C:\Program Files\ks98.sys
    [WARNING] The file could not be opened!
    C:\Program Files\ksse.sys
    [WARNING] The file could not be opened!
    C:\Program Files\ksuser.dll
    [WARNING] The file could not be opened!
    C:\Program Files\mciqtz32.dll
    [WARNING] The file could not be opened!
    C:\Program Files\migrate.dll
    [WARNING] The file could not be opened!
    C:\Program Files\msdmo.dll
    [WARNING] The file could not be opened!
    C:\Program Files\mskssrv.sys
    [WARNING] The file could not be opened!
    C:\Program Files\mspclock.sys
    [WARNING] The file could not be opened!
    C:\Program Files\mstee.sys
    [WARNING] The file could not be opened!
    C:\Program Files\mswebdvd.dll
    [WARNING] The file could not be opened!
    C:\Program Files\pid.dll
    [WARNING] The file could not be opened!
    C:\Program Files\qasf.dll
    [WARNING] The file could not be opened!
    C:\Program Files\qcap.dll
    [WARNING] The file could not be opened!
    C:\Program Files\qdv.dll
    [WARNING] The file could not be opened!
    C:\Program Files\qdvd.dll
    [WARNING] The file could not be opened!
    C:\Program Files\qedit.dll
    [WARNING] The file could not be opened!
    C:\Program Files\qedwipes.dll
    [WARNING] The file could not be opened!
    C:\Program Files\quartz.dll
    [WARNING] The file could not be opened!
    C:\Program Files\stream.sys
    [WARNING] The file could not be opened!
    C:\Program Files\stream98.sys
    [WARNING] The file could not be opened!
    C:\Program Files\swenum.sys
    [WARNING] The file could not be opened!
    C:\Program Files\swenum98.sys
    [WARNING] The file could not be opened!
    C:\Program Files\swenumse.sys
    [WARNING] The file could not be opened!
    C:\Program Files\vidx16.dll
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <FACTORY_IMAGE>
    Begin scan in 'F:\'
    Search path F:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'G:\'
    Search path G:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'H:\'
    Search path H:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'I:\'
    Search path I:\ could not be opened!
    Le périphérique n'est pas prêt.

    Begin scan in 'E:\'
    Search path E:\ could not be opened!
    Le périphérique n'est pas prêt.

    End of the scan: vendredi 25 avril 2008 17:58
    Used time: 2:22:10 min

    The scan has been done completely.

    22329 Scanning directories
    599814 Files were scanned
    0 viruses and/or unwanted programs were found
    0 classified as suspicious:
    0 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    88 Files cannot be scanned
    599814 Files not concerned
    5219 Archives were scanned
    88 Warnings
    0 Notes
    0 Hidden objects were found
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. lutifan Messages postés 87 Statut Membre 12
     
    Salut,

    Si quelqu'un peut et veux m'aider, ça serait vraiment sympa....Hier, j'ai ptet fait une counerie, j'ai supprimé en MSE un truc rangé dans "AppData/Loca/Temp/...('me suviens du nom)", j'ai une pub de moins mais une application aussi lol
    Et toujours les mêmes problèmes ......
    Je poste un scan d'HiJackThis, si vous avez une soluce, merci d'avance.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:34:58, on 21/02/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\jureg.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Labtec\WebCam10\WebCam10.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\hp\kbd\kbd.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Users\Owen & Ethan\Downloads\VundoFix.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [DoesBird] "C:\ProgramData\Upload Deaf Deaf.83ow7"
    O4 - HKCU\..\Run: [Long Internet Team Stupid] "C:\ProgramData\four acid bend.zt243ts"
    O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
    O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    0
  7. lutifan Messages postés 87 Statut Membre 12
     
    Et voici celui de Navilog :

    Search Navipromo version 3.5.5 commencé le 26/04/2008 à 10:24:05,50

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis C:\Program Files\navilog1
    Session actuelle : "Owen & Ethan"

    Mise à jour le 25.04.2008 à 22h00 par IL-MAFIOSO

    Microsoft Windows Vista 6.0.6000
    Internet Explorer : 7.0.6000.16643
    Système de fichiers : NTFS

    Executé en mode normal

    *** Recherche Programmes installés ***

    *** Recherche dossiers dans "C:\Windows" ***

    *** Recherche dossiers dans "C:\Program Files" ***

    *** Recherche dossiers dans "C:\ProgramData" ***

    *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***

    *** Recherche dossiers dans "C:\Users\fred\appdata\roaming\micros~1\windows\startm~1\programs" ***

    *** Recherche dossiers dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\Program Files" ***

    *** Recherche dossiers dans "C:\Users\Owen & Ethan\AppData\Roaming" ***

    *** Recherche dossiers dans "C:\Users\fred\appdata\roaming" ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    Aucun Fichier trouvé

    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "C:\Windows\system32" *

    gnc.exe absent, Recherche non effectuee dans "C:\Windows\system32" !

    * Recherche dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" *

    gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" !

    * Recherche dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" *

    gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" !

    * Recherche dans "C:\Users\Owen & Ethan\AppData\Local" *

    gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local" !

    *** Recherche fichiers ***

    *** Recherche clés spécifiques dans le Registre ***

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :

    2)Recherche Heuristique :

    * Dans "C:\Windows\system32" :

    * Dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" :

    * Dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" :

    * Dans "C:\Users\Owen & Ethan\AppData\Local" :

    * Dans "C:\Users\fred\AppData\Local" :

    3)Recherche Certificats :

    Certificat Egroup absent !
    Certificat Electronic-Group absent !
    Certificat OOO-Favorit absent !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche fichiers connus :

    *** Analyse terminée le 26/04/2008 à 10:37:27,69 ***
    0
  8. lutifan Messages postés 87 Statut Membre 12
     
    Toujours personne? :'(
    Je ne sais vraiment pas par où commencer.....siouplait :D
    0
  9. med365 Messages postés 16 Statut Membre
     
    Bonjour

    Passons directement à MalwareBytes Antimalware :

    Télécharge MalwareBytes Antimalware : http://www.malwarebytes.org/mbam.php
    Mets le à jour
    Effectue un scan complet de ton système
    Supprime tout
    Sauvegarde le rapport et poste le dans ta prochaine réponse avec un nouveau log HijackThis

    A+
    0
  10. lutifan Messages postés 87 Statut Membre 12
     
    OOOps, salut et désolée, j'ai bidouillé avec l'aide d'une connaissance et avec ce logiciel parmi tant d'autres j'ai tout nettoyé.
    J'aime pas laisser mon pc maladou, je comprends que vous n'êtes pas dispo sur le champs et je vous remercie encore pour avoir essayé de m'aider. Cela a été tellement compliqué pour mon petit cerveau de blonde que j'avoue avoir complètement zappé le forum :/
    Encore pardon pour mon impolitesse....
    0