Pub cdi - Page 2

Résolu
Précédent
  • 1
  • 2
  1. plm69 Messages postés 532 Statut Membre 17
     
    Ta supprimé tout les virus que mbam a trouvé^^
    0
    1. kuster Messages postés 378 Statut Membre 1
       
      merci plm69,je ne c'est pas si chiquitine es encore la je doit reconaitre qui a de la patience avec moi
      0
  2. Utilisateur anonyme
     
    réouvre malewarebyte
    va sur quarantaine
    supprime tout

    refais un scan hijackthis (do a system scan and save a logfile) et post le rapport
    0
    1. kuster Messages postés 378 Statut Membre 1
       
      Malwarebytes' Anti-Malware 1.23
      Version de la base de données: 1000
      Windows 5.1.2600 Service Pack 2

      10:42:30 28/07/2008
      mbam-log-7-28-2008 (10-42-30).txt

      Type de recherche: Examen complet (C:\|D:\|)
      Eléments examinés: 101397
      Temps écoulé: 27 minute(s), 16 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 30
      Valeur(s) du Registre infectée(s): 4
      Elément(s) de données du Registre infecté(s): 1
      Dossier(s) infecté(s): 30
      Fichier(s) infecté(s): 61

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ca356d79-679b-4b4c-8e49-5af97014f4c1} (Adware.Starware) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Dossier(s) infecté(s):
      C:\Program Files\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354 (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\contexts (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354 (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Configurator (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Games (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Manager (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Movies (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\RecipeSearch_Foreign (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Recipes_Foreign (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\gmmuowcc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\ccwoummg.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\jwyehypm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\mpyheywj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
      C:\VundoFix Backups\ytjjkori.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes.png (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.png (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
      C:\Documents and Settings\lolo\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
      0
  3. Utilisateur anonyme
     
    refais un scan hijackthis et post le rapport stp

    c est a dire :

    double clic sur hijackthis

    clic sur do a system scan and save a logfile

    copie colle le rapport dans ta prochaine reponse
    0
    1. kuster Messages postés 378 Statut Membre 1
       
      je t'assure que c'est ce que j'ai fait mais quand je copie colle il met autre rapport!!!!
      0
    2. kuster Messages postés 378 Statut Membre 1
       
      es ce que j'ai reussie?
      0
  4. kuster Messages postés 378 Statut Membre 1
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:11:03, on 28/07/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\windows\System32\smss.exe
    C:\windows\system32\winlogon.exe
    C:\windows\system32\services.exe
    C:\windows\system32\lsass.exe
    C:\windows\system32\svchost.exe
    C:\windows\System32\svchost.exe
    C:\windows\system32\spoolsv.exe
    C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
    C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
    C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
    C:\windows\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\windows\system32\nvsvc32.exe
    C:\windows\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
    C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
    C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\windows\system32\ctfmon.exe
    C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
    C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\lolo\Bureau\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://account.live.com/ResetPassword.aspx?mkt=FR-FR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: NavigationEnhancer - {391C0909-C026-3B63-FFDB-93FFF4E81675} - C:\Program Files\NavigationEnhancer\NavigationEnhancer-2.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Search - ?p=ZN
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb103\res\DealioSearch.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    réouvre hijckthis
    fais scan only
    coches ces lignes :

    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u1-windows-­i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/s­wflash.cab

    tu les coches et tu clic sur fix checked

    ensuite désinstal java car pas a jours et telecharge et instal cette version :

    https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com&File=jre-6u7-windows-i586-p-s.exe&AuthParam=1580978146_46494a57fbc0e7c89e79cfb72e28cd3a&ext=.exe

    désinstal adobe reader car pas a jours et telecharge et instal cette version :

    http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe

    ensuite :

    > Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

    -> L´installer.

    -> Une fois installé et lancé :

    Dans la colonne de gauche, click sur :

    ->"registre" :

    Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

    ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

    ->"nettoyeur"

    quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

    -> Tutoriel en image :

    https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

    ensuite :

    * pour supprimer les outils/fix utilisés :

    Télécharge ToolsCleaner sur ton bureau.
    -->
    ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
    http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
    http://pc-system.fr/

    # Clique sur Recherche et laisse le scan agir ...
    # Clique sur Suppression pour finaliser.
    # Tu peux, si tu le souhaites, te servir des Options facultatives.
    # Clique sur Quitter pour obtenir le rapport.
    # Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    0
    1. kuster Messages postés 378 Statut Membre 1
       
      je scane avec tools cleaner
      0
    2. kuster Messages postés 378 Statut Membre 1
       
      -->- Recherche:

      C:\Lop SD: trouvé !
      C:\Vundofix backups: trouvé !
      C:\Documents and Settings\lolo\Bureau\HijackThis.exe: trouvé !
      C:\Documents and Settings\lolo\Recent\HijackThis.lnk: trouvé !
      C:\Program Files\Navilog1: trouvé !
      C:\Program Files\Navilog1\Navilog1.bat: trouvé !

      ---------------------------------
      -->- Suppression:

      C:\Documents and Settings\lolo\Bureau\HijackThis.exe: supprimé !
      C:\Documents and Settings\lolo\Recent\HijackThis.lnk: supprimé !
      C:\Program Files\Navilog1\Navilog1.bat: supprimé !
      C:\Lop SD: supprimé !
      C:\Vundofix backups: supprimé !
      C:\Program Files\Navilog1: supprimé !
      0
  7. Utilisateur anonyme
     
    oui c est parfait

    toujours des soucis ou c est bon
    0
    1. kuster Messages postés 378 Statut Membre 1
       
      pour l'instant ça va je te remercie en attendant pour ton temps et ta patience ,je trouve super ce que vous faites pour nous aider,merci encore a tous en particulier a toi chiquitine29
      0
  8. Utilisateur anonyme
     
    ok de rien pas de soucis

    met résolu stp
    0
  9. kuster Messages postés 378 Statut Membre 1
     
    MERCI kuster
    0
Précédent
  • 1
  • 2