Sujet Précédent Sujet Suivant

Pc infecter s.v.p a l'aide

Fermé
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011 - 24 mai 2008 à 18:15
 Utilisateur anonyme - 25 mai 2008 à 01:31
Bonjour, j'aurais besoin d'aide pour pouvoir désinfecter ce pc s.v.p étape par étape . j'ai un message de spyware sur mon bureau qui ne part plu . je ne suis pas trop connaisseur ds ce domaine s.v.p a l'aide
A voir également:

16 réponses

Réponse 1 / 16
Utilisateur anonyme
24 mai 2008 à 18:16
bojours

Préalable
• Vider la corbeille
• Fermer toutes les applications

================NAVILOG====================

Télécharge ceci http://il.mafioso.pagesperso-orange.fr/Navifix/download.htm

prend navilog1.exe

Choisir option 1 uniquement

Ensuite suit ce tutorial : http://mickael.barroux.free.fr/securite/navilog.php

Et enfin post le rapport du scan navilog
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
24 mai 2008 à 19:19
merci a toi a l'avance voSearch Navipromo version 3.5.7 commencé le 2008-05-24 à 12:49:02,51

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Jan Lafleche"

Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO


Microsoft Windows XP [Version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : FAT32

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\startm~1\programs" ***


*** Recherche dossiers dans "C:\Documents and Settings\Jan Lafleche\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\OWNER\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Jan Lafleche\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\OWNER\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\Jan Lafleche\startm~1\programs" ***


*** Recherche dossiers dans "C:\DOCUME~1\OWNER\startm~1\programs" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\startm~1\programs" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Jan Lafleche\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\OWNER\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\Jan Lafleche\locals~1\applic~1" :


* Dans "C:\DOCUME~1\OWNER\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 2008-05-24 à 12:51:25,46 ***
ici le rapport
0
Réponse 2 / 16
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
24 mai 2008 à 19:24
re bonjour , dit moi le prochain step a faire s.v.p
0
Réponse 3 / 16
Utilisateur anonyme
24 mai 2008 à 19:36
Télécharge ceci: (by Moe) :
http://sosvirus.changelog.fr/Green_day/Lopxpsetup.exe

Double clic sur Lopxpsetup.exe pour lancer l'installation
Au menu, choisir l'option 1
Patienter jusqu'à que l'on demande d'appuyer sur une touche, appuyer !
Une rapport sera alors crée, à copie/colle en entier sur le forum.
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
24 mai 2008 à 20:09
voici l'autre rapport

# Rapport Lopxp fait le 2008-05-24 à 14:02:34
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.10 - Maj du 11/04/2008

Killing 'iexplore.exe'
"C:\Program Files\Internet Explorer\iexplore.exe" (2184)
"C:\Program Files\Internet Explorer\iexplore.exe" (772)

========== Listing des dossiers Application Data

+- C:\Documents and Settings\All Users\Application Data

2002-01-15 à 16:39:02 - Microsoft
2002-05-13 à 17:39:02 - MSN6
2002-05-13 à 17:46:12 - Symantec
2003-06-23 à 04:00:18 - McAfee.com
2003-09-09 à 21:34:16 - ACD Systems
2004-12-07 à 22:50:04 - Adobe
2005-09-20 à 02:11:14 - Windows Genuine Advantage
2006-04-08 à 21:32:40 - yahoo!
2007-01-19 à 02:59:54 - MumboJumbo
2007-02-24 à 02:47:54 - TEMP
2007-07-26 à 21:08:54 - Spybot - Search & Destroy
2007-08-01 à 03:21:14 - PopCap
2008-05-24 à 06:37:58 - Adsl Software Limited
2008-05-24 à 17:44:42 - Lavasoft

+- C:\Documents and Settings\Owner\Application Data

2002-01-15 à 16:49:02 - Adobe
2002-01-15 à 16:49:02 - InterTrust
2002-01-15 à 16:39:02 - Microsoft
2002-01-15 à 17:07:28 - Identities

+- C:\Documents and Settings\Owner\Local Settings\Application Data

2002-01-15 à 17:07:20 - Microsoft

+- C:\Documents and Settings\Jan Lafleche\Application Data

2002-01-15 à 17:07:28 - Identities
2002-01-15 à 16:49:02 - Adobe
2002-01-15 à 16:49:02 - InterTrust
2002-01-15 à 16:39:02 - Microsoft
2002-05-13 à 17:39:02 - MSN6
2002-05-13 à 17:46:20 - Symantec
2002-05-13 à 18:23:28 - Help
2002-05-16 à 19:20:54 - Canon
2002-05-16 à 20:10:22 - Active Disk
2003-09-09 à 21:36:02 - ACD Systems
2003-11-29 à 22:49:06 - ACDInTouch
2003-12-19 à 02:46:38 - Macromedia
2004-04-06 à 21:09:32 - FotoWire
2004-06-15 à 21:58:38 - FileMaker
2004-12-07 à 22:53:56 - AdobeUM
2005-04-07 à 03:19:12 - Zylom
2006-02-21 à 17:43:24 - Real
2006-02-21 à 17:47:40 - Google
2006-07-31 à 23:40:02 - Magic Match
2006-12-03 à 18:22:12 - Skype
2007-04-26 à 22:40:52 - Template
2007-07-26 à 21:43:20 - gtopala
2008-05-24 à 18:23:42 - Mozilla

+- C:\Documents and Settings\Jan Lafleche\Local Settings\Application Data

2002-01-15 à 17:07:20 - Microsoft
2002-05-13 à 18:15:22 - Identities
2002-05-13 à 18:23:28 - Help
2004-07-30 à 21:06:26 - FileMaker
2004-12-07 à 22:53:52 - Adobe
2005-11-12 à 22:21:06 - Google
2008-02-05 à 15:18:42 - ApplicationHistory
2008-02-27 à 00:59:34 - iCu2
2008-05-24 à 18:23:42 - Mozilla

+- C:\Documents and Settings\Administrator\Application Data

2002-01-15 à 17:07:28 - Identities
2002-01-15 à 16:49:02 - Adobe
2002-01-15 à 16:49:02 - InterTrust
2002-01-15 à 16:39:02 - Microsoft

+- C:\Documents and Settings\Administrator\Local Settings\Application Data

2002-01-15 à 17:07:20 - Microsoft

========== Listing du dossier Program Files

+- C:\Program Files

2002-01-15 à 16:39:28 - Common Files
2002-01-15 à 16:43:46 - Windows NT
2002-01-15 à 16:43:50 - MSN Gaming Zone
2002-01-15 à 16:43:50 - MSN
2004-12-21 à 22:13:10 - FileZilla
2002-01-15 à 16:44:00 - Online Services
2002-01-15 à 16:44:00 - WindowsUpdate
2002-01-15 à 16:44:38 - ComPlus Applications
2002-01-15 à 16:45:00 - Internet Explorer
2002-01-15 à 16:45:02 - Outlook Express
2002-01-15 à 16:45:04 - NetMeeting
2002-01-15 à 16:45:06 - Windows Media Player
2002-01-15 à 16:45:14 - Movie Maker
2002-01-15 à 16:49:02 - Adobe
2002-01-15 à 16:50:16 - microsoft frontpage
2002-01-15 à 16:50:16 - xerox
2002-01-15 à 17:07:24 - Uninstall Information
2008-01-23 à 23:25:42 - ORL
2002-02-21 à 00:42:42 - OpenGraphics
2002-02-21 à 01:05:26 - Chicony
2002-02-21 à 01:08:04 - Adaptec
2005-03-21 à 22:43:58 - GedFiliations
2002-05-13 à 17:26:52 - Program Shortcuts
2004-12-07 à 23:00:32 - Click'N Design 3D
2002-05-13 à 17:46:10 - Symantec
2005-04-01 à 03:34:08 - MSN Games
2002-05-13 à 18:09:02 - SiS7012
2002-05-13 à 18:09:14 - CONEXANT
2002-05-13 à 20:41:34 - Microsoft Works
2005-11-12 à 22:20:42 - Picasa2
2005-04-07 à 03:19:06 - Zylom Games
2002-05-13 à 21:02:18 - Microsoft Office
2002-05-13 à 21:03:22 - Windows Messaging
2002-05-13 à 21:23:28 - ICUII5
2002-05-13 à 21:36:12 - InstallShield Installation Information
2002-05-13 à 21:36:12 - nanoCom Corporation
2002-05-14 à 22:53:42 - Canon
2005-04-25 à 01:40:08 - WareOut
2002-05-16 à 19:09:44 - ArcSoft
2002-05-16 à 20:08:06 - Iomega
2005-04-28 à 22:36:42 - Microsoft AntiSpyware
2005-06-28 à 22:08:30 - iMesh
2005-06-28 à 22:08:42 - iMeshBar
2007-07-06 à 18:00:58 - Norton 360
2006-02-19 à 18:45:42 - Google
2006-11-18 à 05:08:50 - MSXML 4.0
2008-02-27 à 00:59:32 - iCu2
2007-07-26 à 20:40:38 - CodeStuff
2007-07-26 à 21:08:50 - Spybot - Search & Destroy
2008-01-23 à 23:24:44 - NerdViewClient
2008-05-24 à 18:23:28 - Mozilla Firefox
2008-05-24 à 18:28:50 - NetProject
2008-05-24 à 19:46:04 - Navilog1
2008-05-24 à 21:02:20 - Lopxp
2002-05-21 à 20:53:20 - Corel
2002-05-21 à 21:02:06 - WexTech
2002-11-26 à 00:26:26 - Caere
2002-12-13 à 18:11:08 - Logitech
2003-02-20 à 16:58:32 - Lavasoft Ad-Aware
2003-03-15 à 22:25:26 - GameHouse
2003-05-15 à 08:02:26 - McAfee
2003-05-15 à 08:40:48 - FILER
2003-06-02 à 13:37:24 - Brother's Keeper 6
2003-06-23 à 04:00:04 - McAfee.com
2003-08-07 à 17:44:10 - Lavasoft
2003-08-19 à 19:25:26 - messenger
2003-10-11 à 00:53:34 - Zero G Registry
2003-10-23 à 20:02:22 - Panicware
2003-10-25 à 19:02:52 - WS_FTP
2003-10-27 à 22:09:18 - ACD Systems
2004-02-26 à 02:04:44 - Yahoo!
2004-03-17 à 02:21:38 - Zone.com Deluxe Games
2004-03-19 à 03:36:12 - Real
2004-04-02 à 22:43:32 - Skype
2004-04-03 à 21:15:44 - directx
2004-04-05 à 01:45:48 - MSN Messenger
2004-04-24 à 03:02:18 - PacificPoker
2004-06-15 à 20:32:00 - Norton AntiVirus
2004-07-31 à 03:20:32 - MSN Apps

========== Tâches planifiées

Aucune tâche planifiée détecté.

========== Clés registre


========== Bloqueur popups Internet Explorer

zonenxt.msn-ppe.com
zone.msn.com
*.securewebinfo.com
*.safetyincludes.com
*.securemanaging.com

========== Suggestion ( /!\ Nécessite une interprétation.) ==========


+- Registre : Aucune suggestion.


- Fin du rapport -
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
24 mai 2008 à 20:13
la prochaine etape s.v.p c vraiment apprécier ton aide merci encore
0
Réponse 4 / 16
Utilisateur anonyme
24 mai 2008 à 20:16
Telecharge malwarebytes

-> http://www.commentcamarche.net/telecharger/malwarebyte s anti malware 34055379 avis opinions.php3

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examun complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.

Copie et colle le rapport stp.
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
24 mai 2008 à 23:46
la prochaine étape s.v.p très intéressant
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 16
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
24 mai 2008 à 20:47
re boujour je doit attendre pour le rapport c estimer a 18 minute merci pour ta patience
0
Réponse 6 / 16
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
24 mai 2008 à 23:44
voila le rapport 55 minute Malwarebytes' Anti-Malware 1.12
Version de la base de données: 783

Type de recherche: Examen complet (C:\|)
Eléments examinés: 101562
Temps écoulé: 47 minute(s), 55 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 24
Valeur(s) du Registre infectée(s): 26
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 30

Processus mémoire infecté(s):
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe (Rogue.MalWarrior) -> No action taken.

Module(s) mémoire infecté(s):
C:\WINDOWS\apsagy.dll (Trojan.FakeAlert) -> No action taken.
C:\Program Files\NetProject\wamdl.dll (Trojan.Zlob) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7c4bcd17-bdba-4078-9d8c-8ca8b7eabe77} (Rogue.Multiple) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e18c3daf-9841-4340-afe9-27ab400650ab} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e48c3daf-9841-4345-afe9-27ab400650ab} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\bho.bho (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a4fdf7b4-ead1-4872-a3f7-20fd86d6e798} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{a4fdf7b4-ead1-4872-a3f7-20fd86d6e798} (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4fdf7b4-ead1-4872-a3f7-20fd86d6e798} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Browsing (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web Application (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Adsl Software Limited (Rogue.MalWarrior) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinSpywareProtect (ver. 5.1) (Rogue.MalWarrior) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\Wallpaper (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\NetProject (Trojan.Zlob) -> No action taken.
C:\WINDOWS\system32\566828 (Trojan.BHO) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\SAVED (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\DELETED (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\BASE (Rogue.MalWarrior) -> No action taken.

Fichier(s) infecté(s):
C:\WINDOWS\apsagy.dll (Trojan.FakeAlert) -> No action taken.
C:\Program Files\NetProject\wamdl.dll (Trojan.Zlob) -> No action taken.
C:\System Volume Information\_restore{A6AAB5CB-D156-44A8-913D-28B82ED69165}\RP249\A0046863.scr (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{A6AAB5CB-D156-44A8-913D-28B82ED69165}\RP251\A0046935.scr (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Jan Lafleche\Local Settings\Temp\zfe4.exe (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Jan Lafleche\Desktop\c-setup.exe (Trojan.FakeAlert) -> No action taken.
C:\Program Files\NetProject\scu.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\sbun.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\waun.exe (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\ts.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\ot.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\myd.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\mym.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\myp.ico (Trojan.Zlob) -> No action taken.
C:\Program Files\NetProject\myv.ico (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080524004331733.log (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080524031238824.log (Rogue.MalWarrior) -> No action taken.
C:\Documents and Settings\Jan Lafleche\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\Jan Lafleche\My Documents\My Music\My Music.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Jan Lafleche\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Jan Lafleche\My Documents\My Videos\My Video.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Jan Lafleche\My Documents\My Documents.url (Trojan.Zlob) -> No action taken.
C:\Documents and Settings\Jan Lafleche\Favorites\Online Security Test.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Desktop\Online Security Guide.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url (Rogue.Link) -> No action taken.
C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url (Rogue.Link) -> No action taken.
wow
0
Réponse 7 / 16
Utilisateur anonyme
24 mai 2008 à 23:52
No action taken.


t as supprimé la selection ??

si oui

va dans malewarebyte
va sur rapport/log

envoi le rapport qui le confirme
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 00:10
voici le rappMalwarebytes' Anti-Malware 1.12
Version de la base de données: 783

Type de recherche: Examen complet (C:\|)
Eléments examinés: 101562
Temps écoulé: 47 minute(s), 55 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 24
Valeur(s) du Registre infectée(s): 26
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 30

Processus mémoire infecté(s):
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe (Rogue.MalWarrior) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\apsagy.dll (Trojan.FakeAlert) -> Unloaded module successfully.
C:\Program Files\NetProject\wamdl.dll (Trojan.Zlob) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7c4bcd17-bdba-4078-9d8c-8ca8b7eabe77} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e18c3daf-9841-4340-afe9-27ab400650ab} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e48c3daf-9841-4345-afe9-27ab400650ab} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bho.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4fdf7b4-ead1-4872-a3f7-20fd86d6e798} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a4fdf7b4-ead1-4872-a3f7-20fd86d6e798} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4fdf7b4-ead1-4872-a3f7-20fd86d6e798} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Service (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Browsing (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Web Application (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinSpywareProtect (ver. 5.1) (Rogue.MalWarrior) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\Wallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\OriginalWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\ConvertedWallpaper (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\566828 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\SAVED (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\DELETED (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\BASE (Rogue.MalWarrior) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\apsagy.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\wamdl.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A6AAB5CB-D156-44A8-913D-28B82ED69165}\RP249\A0046863.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A6AAB5CB-D156-44A8-913D-28B82ED69165}\RP251\A0046935.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ctfmonb.bmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\blackster.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\Local Settings\Temp\zfe4.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\Desktop\c-setup.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\scu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\sbun.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\waun.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\myd.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\mym.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\myp.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\NetProject\myv.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080524004331733.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\WinSpywareProtect\LOG\20080524031238824.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\My Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\My Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\My Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jan Lafleche\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\Online Security Guide.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url (Rogue.Link) -> Quarantined and deleted successfully.
ort next lollllllll
0
Réponse 8 / 16
Utilisateur anonyme
25 mai 2008 à 00:14
réouvre malewarebyte
va sur quarantaine
supprime tout

Télécharge Clean:

-> http://www.malekal.com/download/clean.zip

-> Dézippe tout le contenu dans un dossier que tu auras cré au préalable (sur ton bureau par exemple). Double clic sur clean ou clean.cmd choisie l'option 1.

Un rapport va s'ouvrir, copie et colle le contenu sur le forum.

-> pour ceux ou celles qui auraient un doute sur comment deziper un fichier :

http://www.tutopat.com/viewtopic.php?t=933&sid=34215b238376bfb22ef9e8eca9995914
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 00:31
C:\WINDOWS\System32\wpa.dbl -->2008-05-24 03:13:00
C:\WINDOWS\System32\LVCOMSX.LOG -->2008-05-23 22:11:42
C:\WINDOWS\System32\lsdelete.exe -->2008-05-16 11:58:04
C:\WINDOWS\System32\MRT.exe -->2008-05-09 14:35:04
C:\WINDOWS\System32\FNTCACHE.DAT -->2008-04-08 16:18:54
C:\WINDOWS\System32\msjint40.dll -->2008-03-27 01:12:54
C:\WINDOWS\System32\mswdat10.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\msxbde40.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\mswstr10.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\mstext40.dll -->2008-03-24 21:50:56
C:\WINDOWS\System32\msrepl40.dll -->2008-03-24 21:50:52
C:\WINDOWS\System32\msrd3x40.dll -->2008-03-24 21:50:50
C:\WINDOWS\System32\msrd2x40.dll -->2008-03-24 21:50:48
C:\WINDOWS\System32\mspbde40.dll -->2008-03-24 21:50:46
C:\WINDOWS\System32\msltus40.dll -->2008-03-24 21:50:44
C:\WINDOWS\System32\msjter40.dll -->2008-03-24 21:50:42
C:\WINDOWS\System32\msjtes40.dll -->2008-03-24 21:50:42
C:\WINDOWS\System32\msjetoledb40.dll -->2008-03-24 21:50:40
C:\WINDOWS\System32\msjet40.dll -->2008-03-24 21:50:34
C:\WINDOWS\System32\msexcl40.dll -->2008-03-24 21:50:30
C:\WINDOWS\System32\msexch40.dll -->2008-03-24 21:50:28
C:\WINDOWS\System32\win32k.sys -->2008-03-19 02:47:00
C:\WINDOWS\System32\mshtml.dll -->2008-03-01 18:36:30
C:\WINDOWS\System32\wininet.dll -->2008-03-01 06:06:32
C:\WINDOWS\System32\pngfilt.dll -->2008-03-01 06:06:30

C:\WINDOWS\mozver.dat -->2008-05-24 11:27:20
C:\WINDOWS\nsreg.dat -->2008-05-24 11:23:48
C:\WINDOWS\WindowsUpdate.log -->2008-05-24 07:52:26
C:\WINDOWS\wiadebug.log -->2008-05-24 03:12:16
C:\WINDOWS\0.log -->2008-05-24 03:12:00
C:\WINDOWS\bootstat.dat -->2008-05-24 03:11:06
C:\WINDOWS\SchedLgU.Txt -->2008-05-24 03:10:12
C:\WINDOWS\wiaservc.log -->2008-05-24 03:10:08
C:\WINDOWS\KB950749.log -->2008-05-24 03:04:26
C:\WINDOWS\imsins.log -->2008-05-24 03:04:26
C:\WINDOWS\ocmsn.log -->2008-05-24 03:04:26
C:\WINDOWS\tsoc.log -->2008-05-24 03:04:26
C:\WINDOWS\ntdtcsetup.log -->2008-05-24 03:04:26
C:\WINDOWS\comsetup.log -->2008-05-24 03:04:26
C:\WINDOWS\iis6.log -->2008-05-24 03:04:26

C:\WINDOWS\System32\wpa.dbl -->2008-05-24 03:13:00
C:\WINDOWS\System32\LVCOMSX.LOG -->2008-05-23 22:11:42
C:\WINDOWS\System32\lsdelete.exe -->2008-05-16 11:58:04
C:\WINDOWS\System32\MRT.exe -->2008-05-09 14:35:04
C:\WINDOWS\System32\FNTCACHE.DAT -->2008-04-08 16:18:54
C:\WINDOWS\System32\msjint40.dll -->2008-03-27 01:12:54
C:\WINDOWS\System32\mswdat10.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\msxbde40.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\mswstr10.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\mstext40.dll -->2008-03-24 21:50:56
C:\WINDOWS\System32\msrepl40.dll -->2008-03-24 21:50:52
C:\WINDOWS\System32\msrd3x40.dll -->2008-03-24 21:50:50
C:\WINDOWS\System32\msrd2x40.dll -->2008-03-24 21:50:48
C:\WINDOWS\System32\mspbde40.dll -->2008-03-24 21:50:46
C:\WINDOWS\System32\msltus40.dll -->2008-03-24 21:50:44
C:\WINDOWS\System32\msjter40.dll -->2008-03-24 21:50:42
C:\WINDOWS\System32\msjtes40.dll -->2008-03-24 21:50:42
C:\WINDOWS\System32\msjetoledb40.dll -->2008-03-24 21:50:40
C:\WINDOWS\System32\msjet40.dll -->2008-03-24 21:50:34
C:\WINDOWS\System32\msexcl40.dll -->2008-03-24 21:50:30
C:\WINDOWS\System32\msexch40.dll -->2008-03-24 21:50:28
C:\WINDOWS\System32\win32k.sys -->2008-03-19 02:47:00
C:\WINDOWS\System32\mshtml.dll -->2008-03-01 18:36:30
C:\WINDOWS\System32\wininet.dll -->2008-03-01 06:06:32
C:\WINDOWS\System32\pngfilt.dll -->2008-03-01 06:06:30

C:\WINDOWS\mozver.dat -->2008-05-24 11:27:20
C:\WINDOWS\nsreg.dat -->2008-05-24 11:23:48
C:\WINDOWS\WindowsUpdate.log -->2008-05-24 07:52:26
C:\WINDOWS\wiadebug.log -->2008-05-24 03:12:16
C:\WINDOWS\0.log -->2008-05-24 03:12:00
C:\WINDOWS\bootstat.dat -->2008-05-24 03:11:06
C:\WINDOWS\SchedLgU.Txt -->2008-05-24 03:10:12
C:\WINDOWS\wiaservc.log -->2008-05-24 03:10:08
C:\WINDOWS\KB950749.log -->2008-05-24 03:04:26
C:\WINDOWS\imsins.log -->2008-05-24 03:04:26
C:\WINDOWS\ocmsn.log -->2008-05-24 03:04:26
C:\WINDOWS\tsoc.log -->2008-05-24 03:04:26
C:\WINDOWS\ntdtcsetup.log -->2008-05-24 03:04:26
C:\WINDOWS\comsetup.log -->2008-05-24 03:04:26
C:\WINDOWS\iis6.log -->2008-05-24 03:04:26

C:\WINDOWS\System32\wpa.dbl -->2008-05-24 03:13:00
C:\WINDOWS\System32\LVCOMSX.LOG -->2008-05-23 22:11:42
C:\WINDOWS\System32\lsdelete.exe -->2008-05-16 11:58:04
C:\WINDOWS\System32\MRT.exe -->2008-05-09 14:35:04
C:\WINDOWS\System32\FNTCACHE.DAT -->2008-04-08 16:18:54
C:\WINDOWS\System32\msjint40.dll -->2008-03-27 01:12:54
C:\WINDOWS\System32\mswdat10.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\msxbde40.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\mswstr10.dll -->2008-03-24 21:50:58
C:\WINDOWS\System32\mstext40.dll -->2008-03-24 21:50:56
C:\WINDOWS\System32\msrepl40.dll -->2008-03-24 21:50:52
C:\WINDOWS\System32\msrd3x40.dll -->2008-03-24 21:50:50
C:\WINDOWS\System32\msrd2x40.dll -->2008-03-24 21:50:48
C:\WINDOWS\System32\mspbde40.dll -->2008-03-24 21:50:46
C:\WINDOWS\System32\msltus40.dll -->2008-03-24 21:50:44
C:\WINDOWS\System32\msjter40.dll -->2008-03-24 21:50:42
C:\WINDOWS\System32\msjtes40.dll -->2008-03-24 21:50:42
C:\WINDOWS\System32\msjetoledb40.dll -->2008-03-24 21:50:40
C:\WINDOWS\System32\msjet40.dll -->2008-03-24 21:50:34
C:\WINDOWS\System32\msexcl40.dll -->2008-03-24 21:50:30
C:\WINDOWS\System32\msexch40.dll -->2008-03-24 21:50:28
C:\WINDOWS\System32\win32k.sys -->2008-03-19 02:47:00
C:\WINDOWS\System32\mshtml.dll -->2008-03-01 18:36:30
C:\WINDOWS\System32\wininet.dll -->2008-03-01 06:06:32
C:\WINDOWS\System32\pngfilt.dll -->2008-03-01 06:06:30

C:\WINDOWS\mozver.dat -->2008-05-24 11:27:20
C:\WINDOWS\nsreg.dat -->2008-05-24 11:23:48
C:\WINDOWS\WindowsUpdate.log -->2008-05-24 07:52:26
C:\WINDOWS\wiadebug.log -->2008-05-24 03:12:16
C:\WINDOWS\0.log -->2008-05-24 03:12:00
C:\WINDOWS\bootstat.dat -->2008-05-24 03:11:06
C:\WINDOWS\SchedLgU.Txt -->2008-05-24 03:10:12
C:\WINDOWS\wiaservc.log -->2008-05-24 03:10:08
C:\WINDOWS\KB950749.log -->2008-05-24 03:04:26
C:\WINDOWS\imsins.log -->2008-05-24 03:04:26
C:\WINDOWS\ocmsn.log -->2008-05-24 03:04:26
C:\WINDOWS\tsoc.log -->2008-05-24 03:04:26
C:\WINDOWS\ntdtcsetup.log -->2008-05-24 03:04:26
C:\WINDOWS\comsetup.log -->2008-05-24 03:04:26
C:\WINDOWS\iis6.log -->2008-05-24 03:04:26

voii les deux rapports prochaine etape
0
Réponse 9 / 16
Utilisateur anonyme
25 mai 2008 à 00:33
réouvre clean

passe l option 2

puis envoi le rapport + un rapport hiajckthis

pour cela

Télécharge HijackThis ici :

-> https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

Tutoriel d´instalation : (Merci a Balltrap34 pour cette réalisation)

-> http://pageperso.aol.fr/balltrap34/Hijenr.gif

Tutoriel d´utilisation (video) : (Merci a Balltrap34 pour cette réalisation)

-> http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

Post le rapport généré ici stp... + le rapport de clean option 2
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 00:42
Clean will delete all those files and folders which are known to be malware.

Environment variable It is recommended, to apply this option after instruction o
f an expert of one the following not defined
Environment variable https://www.malwareremoval.com/ not defined
Environment variable http://www.geekstogo.com/forum/index.php not defined
Environment variable http://ww25.forums.spywareinfo.com/ not defined

This will last some time. Please be patient and wait until you get the message t
hat it's finished.

Press any key to continue . . .

Script executed in Normal Mode
You try to execute the script in Normal Mode, Safe Mode is required.
Press any key to continue . . .

Option 2, Enter

PsKill v1.11 - Terminates processes on local or remote systems
Copyright (C) 1999-2005 Mark Russinovich
Sysinternals - www.sysinternals.com

Unable to kill process C:\WINDOWS\rdt.ini:
Process does not exist.
Deleted file - C:\WINDOWS\rdt.ini
tentative de suppression de C:\WINDOWS\rdt.ini
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
tentative de suppression de "C:\Program Files\GameHouse\"
The directory name is invalid.
tentative de suppression de "C:\Program Files\Uninstall.exe"
tentative de suppression de "C:\Program Files\WareOut\"

Deletion of the registry keys....

Merci de lire ce qui suit
--------------------------

Veuillez svp envoyer le fichier C:\upload_moi_JCL-RG.tar.gz a l'adresse
http://upload.malekal.com
Ce fichier peut contenir des fichiers infectieux collectes sur votre ordinateur
Les fichiers mal detectes seront envoyes aux editeurs d'antivirus

Lorsque vous allez appuyer sur une touche, le site d'envoi de fichiers s'ouvira
Cliquez alors sur le bouton parcourir, selectionner le fichier C:\upload_moi_JCL
-RG.tar.gz (Poste de travail / Disque C / upload_moi.Zip
Cliquez sur le bouton "Envoyer le fichier"

Merci!
Press any key to continue . . .
je continu
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011 > laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 00:47
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:44:33, on 2008-05-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jan Lafleche\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://ca.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: iCu2 Toolbar - {0a65b163-1d7b-434c-86dd-4afb5d3ba3b4} - C:\Program Files\iCu2\tbiCu1.dll
O2 - BHO: iCu2 Toolbar - {0a65b163-1d7b-434c-86dd-4afb5d3ba3b4} - C:\Program Files\iCu2\tbiCu1.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: iCu2 Toolbar - {0a65b163-1d7b-434c-86dd-4afb5d3ba3b4} - C:\Program Files\iCu2\tbiCu1.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O18 - Protocol: bw+0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {25FAADD8-59D5-4E75-AD3E-B74A8F5A1202} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
0
Réponse 10 / 16
Utilisateur anonyme
25 mai 2008 à 00:43
OUI continue
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 00:49
wow c des rapport ca lollllllll
0
Réponse 11 / 16
Utilisateur anonyme
25 mai 2008 à 00:50
MERCI LOGITECH ;;;...........

ferme hijackthis

réouvre le
fais scan only
coches toute les lignes 016 et 018

clic sur fix checked

ensuite refais un scan do a system scan and save a logfile

puis post le nouveau rapport
0
Réponse 12 / 16
Utilisateur anonyme
25 mai 2008 à 00:50
cf post 20
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 01:06
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:55, on 2008-05-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jan Lafleche\Desktop\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://ca.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: iCu2 Toolbar - {0a65b163-1d7b-434c-86dd-4afb5d3ba3b4} - C:\Program Files\iCu2\tbiCu1.dll
O2 - BHO: iCu2 Toolbar - {0a65b163-1d7b-434c-86dd-4afb5d3ba3b4} - C:\Program Files\iCu2\tbiCu1.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: iCu2 Toolbar - {0a65b163-1d7b-434c-86dd-4afb5d3ba3b4} - C:\Program Files\iCu2\tbiCu1.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
0
Réponse 13 / 16
Utilisateur anonyme
25 mai 2008 à 01:12
ton pc n est plus infecté

supprime lignes inutiles aussi

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')


ensuite suis cette procédure :

Maintenant , nous allons supprimer les logiciels de désinfection que je t'ai fait téléchargé.
En effet , s'en servir est dangereux pour le pc si l'on ne s'y connais pas.
De plus ils sont mis régulièrement à jours.


? Ferme toutes les applications en cours, puis télécharge ToolsCleaner2 sur ton Bureau.


http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

? Double clique sur ToolsCleaner2.exe >
? Clique sur .Recherche
? puis sur Suppression quand la liste est trouvée.
? Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note : ton bureau RISQUE de disparaître, c'est normal. S'il n'apparaît pas à la fin du scan, fais la manip suivante :

CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

Tape explorer.exe et valide. Cela fera re-apparaître le Bureau

Tuto : https://www.commentcamarche.net/list 8341 toolscleaner suppression des fix de force brute ( merci espion3004 )
0
Réponse 14 / 16
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 01:15
dis moi avons nous terminer si oui un gros gros merci a toi tu es super chiquitine
0
Réponse 15 / 16
Utilisateur anonyme
25 mai 2008 à 01:16
oui c est fini

il te reste toolcleaner a faire pour supprimer les fix
0
laigre2002 Messages postés 76 Date d'inscription lundi 6 août 2007 Statut Membre Dernière intervention 21 juillet 2011
25 mai 2008 à 01:29
-->- Recherche:

C:\Documents and Settings\All Users\Desktop\Navilog1.lnk: trouvé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1: trouvé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Jan Lafleche\Desktop\Clean.zip: trouvé !
C:\Documents and Settings\Jan Lafleche\Desktop\Navilog1.exe: trouvé !
C:\Documents and Settings\Jan Lafleche\Desktop\HijackThis.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Desktop\Navilog1.lnk: supprimé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Jan Lafleche\Desktop\Clean.zip: supprimé !
C:\Documents and Settings\Jan Lafleche\Desktop\Navilog1.exe: supprimé !
C:\Documents and Settings\Jan Lafleche\Desktop\HijackThis.exe: ERREUR DE SUPPRESSION !!
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Documents and Settings\All Users\Start Menu\Programs\Navilog1: supprimé !
C:\Program Files\Navilog1: supprimé !

voila le rapport dis moi en meme temps quelle logiciel est le meilleur et que j'ai besoin pour proteger mon pc et qu'est que tu me conseil s.v.p merciiiiiiii
0
Réponse 16 / 16
Utilisateur anonyme
25 mai 2008 à 01:31
j ete conseil de garder malewarebyte

de désisnatller norton

pour le désinstaller proprement utiise cet outil

http://www.commentcamarche.net/faq/sujet 7367 desinstaller proprement liens et astuces

et instal antivir

telecharge et instales l'antivirus Antivir Personal Edition Classic :

->https://www.malekal.com/avira-free-security-antivirus-gratuit/

https://www.avira.com/en/prime

http://mickael.barroux.free.fr/securite/antivir.php
http://speedweb1.free.fr/frames2.php?page=tuto5


Si tu es satisfait de mon intervention

et que tu n as plus de probleme

change le statut du sujet en résolu stp

pour cela va en haut sur ta premiere question et la tu as le choix
0