Sujet Précédent Sujet Suivant

Probleme virus

Terhannor -  
geoffrey5 Messages postés 14008 Statut Contributeur sécurité -
Bonjour,

J'ai un problème de virus selon mon ordinateur qui m'affiche des pop-ups disant qu'il est infectéCependant, ce sont des fentres de windows security et non de l'anti-virus qui lui ne trouve rien. J'ai lancé ad-aware et ait éliminer pas mal de tracking cookies et d'autres fichiers non désirés... J'ai également sur mon bureau des icones qui apparaissent soit avec des images pornographiques soit d'autres images. Lorsque je les supprime elles reviennent dans les minutes qui suivent....

Merci de votre aide

Terhannor
A voir également:

62 réponses

Précédent
Réponse 21 / 62
Utilisateur anonyme
 
pour te montrer qu'en faisant une analyse au lieu d'un passage vite fait de l'oeil tu aurais du commencer par smitfraudfix :)
0
Réponse 22 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
Salut tenshi !!

chaques choses en son temps ;)
0
Réponse 23 / 62
Terhannor
 
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 879

00:13:05 23/06/2008
mbam-log-6-23-2008 (00-13-05).txt

Type de recherche: Examen complet (D:\|)
Eléments examinés: 52431
Temps écoulé: 41 minute(s), 41 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 63
Fichier(s) infecté(s): 159

Processus mémoire infecté(s):
C:\Program Files\VAV\vav.exe (Rogue.VistaAntivirus2008) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\xvorfwbd.dll (Trojan.FakeAlert) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware370 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{49586bc7-f044-4ab4-9317-f87bfbccff7b} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{12ef5cdc-bfab-4334-8d12-0db4e738fc69} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webvideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0ffd6638-e9d2-4f0b-bc8e-7aac2f4ba497} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ffd6638-e9d2-4f0b-bc8e-7aac2f4ba497} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\vrmdtneg.btbo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\vrmdtneg.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo (Trojan.Fakealert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Antivirus (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Antivirus (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\xvorfwbd (Trojan.FakeAlert) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{12ef5cdc-bfab-4334-8d12-0db4e738fc69} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\bin (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\icons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_6 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_7 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_8 (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Paroles (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Recherche_de_musique (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Telechargement (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Starware370\Starware370Config.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\Starware370Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\bin\Starware370.dll (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\Starware370\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\4.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sex1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sex2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\VAV\vav.cpl (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Program Files\VAV\vav.exe (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Program Files\VAV\vav0.dat (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Program Files\VAV\vav1.dat (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\563_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\572_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\573_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_60.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_60.bmp_new (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_70.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_70.bmp_new (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_80.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\Button_80.bmp_new (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware370\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Itzel.NOM-EB85C523610\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_8\Button_8Options.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Button_8\Button_8Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Paroles\ParolesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Paroles\ParolesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Radio_FR\Radio_FROptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Radio_FR\Radio_FROptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Recherche_de_musique\Recherche_de_musiqueOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Telechargement\TelechargementOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Telechargement\TelechargementOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Propriétaire\Application Data\Starware370\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sex1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sex2.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vav.cpl (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\etc\hosts.prev (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\xvorfwbd.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\vrmdtneg.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\neltabxw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\ksendlbtobt.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Ricardo (non admin)\Bureau\Vista Antivirus 2008.lnk (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\carlton (Dialer) -> Quarantined and deleted successfully.
0
Réponse 24 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
ok...refais un hijackthis pour vérifier stp
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 62
мÄÐ
 
Pirates de comptes World Of Warcraft.
https://eu.battle.net/support/fr/games/wow

91.121.124.125 ; dédié ns6821.ovh.net chez OVH Paris.
http://www.ovh.com/fr/particulier/espaceclients/documents_legaux/contenu_illicite.cgi
0
Terhannor
 
je ne pirates pas de compte wow simplement je joue sur serveur offi et serveur privé en même temps ;)
0
Réponse 26 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
tu as refais un nouveau rapport hijackthis terhannor ??
0
Réponse 27 / 62
Terhannor
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:24:15, on 23/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\devnz\gbpvr\GBPVRRecordingService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\DOCUME~1\RICARD~1\LOCALS~1\Temp\Répertoire temporaire 5 pour HiJackThis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.neuf.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.121.124.125 eu.logon.worldofwarcraft.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Fichiers communs\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GB-PVR Recording Service - - C:\Program Files\devnz\gbpvr\GBPVRRecordingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 28 / 62
Terhannor
 
ps: les icones du bureau ne se barrent toujours pas :s
0
Réponse 29 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
réessaye de les supprimer...

je ne vois plus d infections dans ton rapport, tu peux faire ceci :

relance hijackthis en cliquant sur scan only et coches ces lignes :

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

ensuite cliques sur fix checked.

ensuite :

Pour supprimer toutes les traces des logiciels qui ont servi à traiter les infections spécifiques :

Télécharge le http://pagesperso-orange.fr/AceRothstein/ToolsCleaner2.exe sur ton Bureau.
* Double-clique sur ToolsCleaner2.bat et laisse le travailler
* Clique sur Recherche et laisse le scan se terminer.
* Clique sur Suppression pour finaliser.
* Tu peux, si tu le souhaites, te servir des Options facultatives.
* Clique sur Quitter, pour que le rapport puisse se créer.
* Le rapport (TCleaner.txt) se trouve à la racine de votre disque dur (C:\)...colle le dans ta réponse
0
Réponse 30 / 62
Utilisateur anonyme
 
1/ telecharger :

http://siri.urz.free.fr/Fix/SmitfraudFix.php

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes.
0
Réponse 31 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
il n a plus d infections tenshi !
0
Réponse 32 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
Si elles ne veulent toujours pas se supprimer, essaye en mode sans échec
0
Réponse 33 / 62
Terhannor
 
je n'arrive pas à me servir de toolscleaner le programme arrête de répondre à chaque fois que je fais rechercher... :s
0
Réponse 34 / 62
Terhannor
 
sinon les icones sont partis :)
0
Réponse 35 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
:s bizarre...essais ceci :

Télécharge Clean:

-> http://www.malekal.com/download/clean.zip

-> Dézippe tout le contenu dans un dossier que tu auras cré au préalable (sur ton bureau par exemple). Double clic sur clean ou clean.cmd choisie l'option 1.

Un rapport va s'ouvrir, copie et colle le contenu sur le forum.
0
Réponse 36 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
tu as bien enregistré toolscleaner2 sur ton bureau ??

parce que je viens d essayer et il marche tres bien
0
Réponse 37 / 62
Terhannor
 
oui ...

le rapport me dit Veuillez svp envoyer le fichier X à l'adresse Y. Ce fichier peut contenir des fichiers infectieux collectés sur votre ordinatuer. Les fichiers mal détéctés seront envoyés aux éditeurs d'antivirus.
apres ils expliquent comment l'envoyer ce que j'ai fait.
0
Réponse 38 / 62
geoffrey5 Messages postés 14008 Statut Contributeur sécurité 10
 
y a pas un rapport qui s est affiché??

et est ce que tu as bien enregistré toolscleaner2 sur ton bureau ??

parce que je viens d essayer et il marche tres bien
0
Réponse 39 / 62
Terhannor
 
aucun rapport ne s'est affiché et oui j'ai bien toolscleaner sur mon bureau, je viens de réessayer et il ne répond pas lorsque je le met en route
0
Réponse 40 / 62
Utilisateur anonyme
 
https://www.malekal.com/supprimer-virus-desinfecter-pc/#mozTocId711944
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses