Rapport Desinfection
FULL38
Messages postés
17
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
J'avais des virus sur mon pc et j'ai voulu le desinfecter en suivant ce tuto:
http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr
Et a la fin c'est ecrit de poster ses trois rapport je les poste donc pour que qqun puisse me dire si mon pc est encore infecté:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 13:58:11 24/07/2008
+ Résultat de l'analyse:
C:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP110\A0045552.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\Program Files\GTA SA - Tuning Édition\hlm-intro.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP100\A0041338.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP82\A0036874.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP87\A0038410.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP123\A0053130.exe -> Not-A-Virus.BadJoke.MSIL.Agent.s : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.55:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
D:\Documents and Settings\florian\Cookies\florian@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.61:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.54:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.59:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.44:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\florian\Cookies\florian@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.56:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.35:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.36:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.37:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.38:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.43:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.45:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.46:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.47:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Thu, Jul 24, 2008 - 16:00:06
Scan path: C:\;D:\;E:\;F:\;G:\;
Statistics
Time 01:58:52
Files 637170
Folders 11543
Boot Sectors 6
Archives 12751
Packed Files 30144
Results
Identified Viruses 7
Infected Files 13
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 12
Engines Info
Virus Definitions 1385230
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 16
Archive plugins 43
Unpack plugins 7
E-mail plugins 6
System plugins 5
Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes
Scanned File Status
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP31\A0015824.exe Infected with: Trojan.Generic.366267
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP31\A0015824.exe Deleted
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Detected with: Adware.Generic.29279
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Disinfection failed
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Delete failed
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001 Detected with: Adware.Shopper.O
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001 Deleted
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o) Update failed
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047157.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047157.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047163.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047163.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o)=>lzma_nsis0001 Detected with: Adware.Shopper.O
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o)=>lzma_nsis0001 Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o) Update failed
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050314.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050314.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050315.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050315.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050338.dll Detected with: Adware.Zango.SI
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050338.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050339.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050339.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051655.dll Detected with: Adware.Zango.SI
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051655.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051656.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051656.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP18\A0006158.exe Detected with: Adware.Shopper.N
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP18\A0006158.exe Deleted
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:45, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\DNA\btdna.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: adzgalore - {0844d43f-9196-4c14-25a6-e1888cf96117} - D:\WINDOWS\system32\nsn21A.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: DNSEred - {4e3da8a6-8067-af5b-81ab-423acbca22c3} - D:\WINDOWS\system32\iednser.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sXe Injected] D:\Program Files\sXe Injected\sXe Injected.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "D:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - D:\Program Files\WinPcap\rpcapd.exe
J'avais des virus sur mon pc et j'ai voulu le desinfecter en suivant ce tuto:
http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr
Et a la fin c'est ecrit de poster ses trois rapport je les poste donc pour que qqun puisse me dire si mon pc est encore infecté:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 13:58:11 24/07/2008
+ Résultat de l'analyse:
C:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP110\A0045552.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\Program Files\GTA SA - Tuning Édition\hlm-intro.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP100\A0041338.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP82\A0036874.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP87\A0038410.exe -> Backdoor.Hupigon.kg : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP123\A0053130.exe -> Not-A-Virus.BadJoke.MSIL.Agent.s : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.55:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
D:\Documents and Settings\florian\Cookies\florian@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.61:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.54:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.59:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.44:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\florian\Cookies\florian@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.56:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.35:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.36:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.37:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.38:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.43:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.45:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.46:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.47:D:\Documents and Settings\flo\Application Data\Mozilla\Firefox\Profiles\uvcx2hk0.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
BitDefender Online Scanner
Scan report generated at: Thu, Jul 24, 2008 - 16:00:06
Scan path: C:\;D:\;E:\;F:\;G:\;
Statistics
Time 01:58:52
Files 637170
Folders 11543
Boot Sectors 6
Archives 12751
Packed Files 30144
Results
Identified Viruses 7
Infected Files 13
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 12
Engines Info
Virus Definitions 1385230
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 16
Archive plugins 43
Unpack plugins 7
E-mail plugins 6
System plugins 5
Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes
Scanned File Status
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP31\A0015824.exe Infected with: Trojan.Generic.366267
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP31\A0015824.exe Deleted
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Detected with: Adware.Generic.29279
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Disinfection failed
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll Delete failed
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001 Detected with: Adware.Shopper.O
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o)=>lzma_nsis0001 Deleted
D:\Program Files\ShoppingReport\Uninst.exe=>(NSIS o) Update failed
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047157.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047157.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047163.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP115\A0047163.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o)=>lzma_nsis0001 Detected with: Adware.Shopper.O
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o)=>lzma_nsis0001 Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP118\A0050240.exe=>(NSIS o) Update failed
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050314.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050314.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050315.exe Detected with: Adware.Generic.18739
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP119\A0050315.exe Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050338.dll Detected with: Adware.Zango.SI
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050338.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050339.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP120\A0050339.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051655.dll Detected with: Adware.Zango.SI
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051655.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051656.dll Detected with: Adware.Zango.AN
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP122\A0051656.dll Deleted
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP18\A0006158.exe Detected with: Adware.Shopper.N
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP18\A0006158.exe Deleted
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:45, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\DNA\btdna.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: adzgalore - {0844d43f-9196-4c14-25a6-e1888cf96117} - D:\WINDOWS\system32\nsn21A.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: DNSEred - {4e3da8a6-8067-af5b-81ab-423acbca22c3} - D:\WINDOWS\system32\iednser.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sXe Injected] D:\Program Files\sXe Injected\sXe Injected.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "D:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - D:\Program Files\WinPcap\rpcapd.exe
A voir également:
- Rapport Desinfection
- Plan rapport de stage - Guide
- Rapport de crash windows - Guide
- Impression rapport de stage ✓ - Forum Word
- Acheter un rapport de stage - Forum Programmation
- Modifier rapport d'échelle pdf xchange viewer ✓ - Forum PDF
5 réponses
Salut,
Telecharge malwarebytes
-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Telecharge malwarebytes
-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
et voila mon rapport:
Malwarebytes' Anti-Malware 1.23
Version de la base de données: 986
Windows 5.1.2600 Service Pack 3
17:39:53 24/07/2008
mbam-log-7-24-2008 (17-39-53).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 168064
Temps écoulé: 47 minute(s), 53 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 35
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
D:\Program Files\Mozilla Firefox\components\nsBrowserGal.dll (Adware.Agent) -> Delete on reboot.
D:\Program Files\Mozilla Firefox\components\nsdnser.dll (Adware.Agent) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalorednhelper (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0844d43f-9196-4c14-25a6-e1888cf96117} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0844d43f-9196-4c14-25a6-e1888cf96117} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e3da8a6-8067-af5b-81ab-423acbca22c3} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e3da8a6-8067-af5b-81ab-423acbca22c3} (Adware.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
D:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
D:\WINDOWS\system32\wvUoNETm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\mTENoUvw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\mTENoUvw.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP74\A0036198.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Program Files\Mozilla Firefox\components\nsBrowserGal.dll (Adware.Agent) -> Delete on reboot.
D:\Program Files\Mozilla Firefox\components\nsdnser.dll (Adware.Agent) -> Delete on reboot.
D:\WINDOWS\system32\adzgalore-remove.exe (Adware.BHO) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\AdzgaloreDNHelper-uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\hgGyyvTj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\BMbf424b57.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\BMbf424b57.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\nsn21A.dll (Adware.BHO) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\iednser.dll (Adware.BHO) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.23
Version de la base de données: 986
Windows 5.1.2600 Service Pack 3
17:39:53 24/07/2008
mbam-log-7-24-2008 (17-39-53).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 168064
Temps écoulé: 47 minute(s), 53 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 35
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 22
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
D:\Program Files\Mozilla Firefox\components\nsBrowserGal.dll (Adware.Agent) -> Delete on reboot.
D:\Program Files\Mozilla Firefox\components\nsdnser.dll (Adware.Agent) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalore (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalorednhelper (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0844d43f-9196-4c14-25a6-e1888cf96117} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0844d43f-9196-4c14-25a6-e1888cf96117} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e3da8a6-8067-af5b-81ab-423acbca22c3} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4e3da8a6-8067-af5b-81ab-423acbca22c3} (Adware.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
D:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Bin\2.5.0 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
D:\WINDOWS\system32\wvUoNETm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\mTENoUvw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\mTENoUvw.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{DDAB50C6-7FE5-4325-B1D6-A7FD92998F91}\RP74\A0036198.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Documents and Settings\florian\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
D:\Program Files\Mozilla Firefox\components\nsBrowserGal.dll (Adware.Agent) -> Delete on reboot.
D:\Program Files\Mozilla Firefox\components\nsdnser.dll (Adware.Agent) -> Delete on reboot.
D:\WINDOWS\system32\adzgalore-remove.exe (Adware.BHO) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\AdzgaloreDNHelper-uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\hgGyyvTj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\BMbf424b57.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\BMbf424b57.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\nsn21A.dll (Adware.BHO) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\iednser.dll (Adware.BHO) -> Quarantined and deleted successfully.
redémarre le pc si ça n a pas été fait
réouvre malewarebyte
va sur quarantaine
supprime tout
post un nouveau rapport hijackthis et dis tes soucis stp
réouvre malewarebyte
va sur quarantaine
supprime tout
post un nouveau rapport hijackthis et dis tes soucis stp
le hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:49:59, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\DNA\btdna.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sXe Injected] D:\Program Files\sXe Injected\sXe Injected.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "D:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - D:\Program Files\WinPcap\rpcapd.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:49:59, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\DNA\btdna.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sXe Injected] D:\Program Files\sXe Injected\sXe Injected.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "D:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - D:\Program Files\WinPcap\rpcapd.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
désinstal java car pas a jours et telecharge et instal cette version :
https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com&File=jre-6u7-windows-i586-p-s.exe&AuthParam=1580978146_46494a57fbc0e7c89e79cfb72e28cd3a&ext=.exe
idem pour adobe reader :http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe
internet n est pas a jours (faille de sécurité) telecharge et instal la version 7 :
ftp://ftp.telecharger.com/01net/IE7Setup.exe
regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/13198.html
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
https://www.avast.com/fr-fr/uninstall-utility
ensuite :
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-> L´installer.
-> Une fois installé et lancé :
Dans la colonne de gauche, click sur :
->"registre" :
Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.
ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.
->"nettoyeur"
quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.
-> Tutoriel en image :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
ensuite :
Télecharge et instal AVG anti spyware:
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
instal le et met le a jours
ensuite lance le scan et supprime
puis poste le rapport sur le forum stp
Tuto : https://kerio.probb.fr/t387-tuto-avg-anti-spyware-anti-spyware
ensuite :
* pour supprimer les outils/fix utilisés :
Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com&File=jre-6u7-windows-i586-p-s.exe&AuthParam=1580978146_46494a57fbc0e7c89e79cfb72e28cd3a&ext=.exe
idem pour adobe reader :http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe
internet n est pas a jours (faille de sécurité) telecharge et instal la version 7 :
ftp://ftp.telecharger.com/01net/IE7Setup.exe
regarde ceci concernant avast :
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/13198.html
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
https://www.avast.com/fr-fr/uninstall-utility
ensuite :
-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-> L´installer.
-> Une fois installé et lancé :
Dans la colonne de gauche, click sur :
->"registre" :
Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.
ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.
->"nettoyeur"
quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.
-> Tutoriel en image :
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
ensuite :
Télecharge et instal AVG anti spyware:
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
instal le et met le a jours
ensuite lance le scan et supprime
puis poste le rapport sur le forum stp
Tuto : https://kerio.probb.fr/t387-tuto-avg-anti-spyware-anti-spyware
ensuite :
* pour supprimer les outils/fix utilisés :
Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
