Sujet Précédent Sujet Suivant

Désinstallation de XP antivirus 2008

Fermé
thekhilha Messages postés 13 Date d'inscription samedi 6 septembre 2008 Statut Membre Dernière intervention 7 septembre 2008 - 6 sept. 2008 à 11:23
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 - 7 sept. 2008 à 15:02
Bonjour,

Un mauvais clic, et me voila depuis un mois harcelé quotidiennement par ce pseudo antivirus qu'est XP antivirus 2008.

Ayant des capacités proches de celles de la quiche pour soulager mon ordi de ce mal qui le ronge, (et moi avec), pourriez vous me donner les étapes à suivre pour me débarrasser définitivement de cet encombrant protecteur.

Merci à tous
A voir également:

24 réponses

Précédent
  • 1
  • 2
Réponse 21 / 24
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
7 sept. 2008 à 03:36
Salut !!

Tu es vraiment infesté en voyant ton rapport de malwarebytes :s

Tu n as aplliqué d action : No action taken

vas dans la quarantaine de malwarebytes et supprimes tout ce qu il y a dedans..

ensuite refais un nouveau rapport hijackthis
0
Réponse 22 / 24
thekhilha Messages postés 13 Date d'inscription samedi 6 septembre 2008 Statut Membre Dernière intervention 7 septembre 2008
7 sept. 2008 à 12:55
bonjour geoffrey, voici le rapport de malaware :

Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1119
Windows 5.1.2600 Service Pack 2

07/09/2008 12:54:13
mbam-log-2008-09-07 (12-54-13).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 212081
Temps écoulé: 1 hour(s), 53 minute(s), 0 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 78
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 27
Fichier(s) infecté(s): 99

Processus mémoire infecté(s):
C:\Program Files\ISTsvc\istsvc.exe (Adware.ISTBar) -> Unloaded process successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\av2008xp.exe (Rogue.XPAntivirus) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\msvbcr40.dll (Trojan.BHO) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\browserhelperobject.bahelper (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{d0288a41-9855-4a9b-8316-babe243648da} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{339d8aff-0b42-4260-ad82-78ce605a9543} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3fdd654-a057-4971-9844-4ed8e67dbbb8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a3fdd654-a057-4971-9844-4ed8e67dbbb8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browserhelperobject.bahelper.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dyfuca_bh.bhobj (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0be10b0d-b4db-4693-9b1f-9aead54d17dc} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cea206e8-8057-4a04-ace9-ff0d69a92297} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dyfuca_bh.bhobj.1 (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dyfuca_bh.sinkobj (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dyfuca_bh.sinkobj.1 (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\labelcommand.labelcommand.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sidefind.finder (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{58634367-d62b-4c2c-86be-5aac45cdb671} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a36a5936-cfd9-4b41-86bd-319a1931887f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8cba1b49-8144-4721-a7b1-64c578c9eed7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{8cba1b49-8144-4721-a7b1-64c578c9eed7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sidefind.finder.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\windows.windows (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\windows.windows.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.Winad) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1c01d150-91a4-4de0-9bf8-a35d1bdf1001} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2ab289ae-4b90-4281-b2ae-1f4bb034b647} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{86227d9c-0efe-4f8a-aa55-30386a3f5686} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0494d0d0-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d4-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d6-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0da-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0dc-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{014da6cd-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494d0d1-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d2-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d3-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d5-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d7-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0494d0db-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00000010-6f7d-442c-93e3-4a4827c2e4c8} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{40b1d454-9ca4-43cc-86aa-cb175eac52fb} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000010-6f7d-442c-93e3-4a4827c2e4c8} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7} (Adware.Winad) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8} (Adware.Winad) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{10e42047-deb9-4535-a118-b3f6ec39b807} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SideFind (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Casino Tropez (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ISTsvc (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Sidefind (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SideFind (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IST (Trojan.ISTBar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\LoaderX.EXE (Adware.Winad) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SoftLand Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\saap (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\AMeOpt (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\AMeOpt (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSEM Update (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879fa4-4790-461c-a1cc-4ec4de4ca483} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{59879fa4-4790-461c-a1cc-4ec4de4ca483} (Adware.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2756bad7-2f9f-47ef-ae6d-8d39cceb396f} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0494d0d9-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\saap (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ist service (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\s9201 (Rogue.XPAntivirus) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\180solutions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Data (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Downloads (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Incomplete (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\bak (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\FLEOK (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\ParisVoyeur (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\ISTsvc (Adware.ISTBar) -> Delete on reboot.
C:\Program Files\ISTsvc\bak (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\SideFind (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\SideFind\update (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\YourSiteBar (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\BASE (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\DELETED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\SAVED (Rogue.XPAntivirus) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\MDM.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\SideFind\sfbho.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\wsem303.dll (Adware.NetOptimizer) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\services\services.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\SideFind\sidefind.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msvbcr40.dll (Trojan.BHO) -> Delete on reboot.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\nem220.dll (Adware.NetOptimizer) -> Quarantined and deleted successfully.
C:\Program Files\Media Access\MediaAccess.exe (Adware.Winad) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP628\A0275669.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP628\A0276676.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP628\A0276687.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP628\A0276694.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP628\A0276704.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP628\A0276711.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP629\A0276715.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP629\A0276725.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP630\A0276741.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP630\A0276748.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP631\A0277749.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP631\A0277757.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP632\A0277829.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP632\A0277906.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F52AFF6A-D3C5-474B-930A-91214A130311}\RP632\A0277916.EXE (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ide21201.vxd (Adware.Winad) -> Quarantined and deleted successfully.
C:\Program Files\180solutions\sais.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\180solutions\sais.log (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Data\SearchKeys.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Downloads\dont forget me.mp3 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Downloads\Pink - Just Like A Pill.zip (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Downloads\Rolling Stones - angie.mp3 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Incomplete\dont forget me.mp3 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Incomplete\Pink - Just Like A Pill.zip (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Incomplete\Rolling Stones - angie.mp3 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\saap.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\saap.log (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\saapau.dat (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\saaphook.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\saap_gdf.dat (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\saap_kyf.dat (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\2 find mp3\Partner\bak\saap.exe (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\14.03399 (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\ParisVoyeur\ParisVoyeur.exe (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\Montorgueil\ParisVoyeur\ParisVoyeur.ico (Dialer) -> Quarantined and deleted successfully.
C:\Program Files\ISTsvc\istsvc.exe (Adware.ISTBar) -> Delete on reboot.
C:\Program Files\SideFind\sfexd001 (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\SideFind\update\sidefind.exe (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\YourSiteBar\imagemap_normal.bmp (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\YourSiteBar\version.txt (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\YourSiteBar\yoursitebar.xml (Adware.ISTBar) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MYWAYPLUGINPROXY.CLASS (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER.BMP (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER2.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER3.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER4.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER5.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\PARTNER6.DAT (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\00167CB6 (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\006891A7 (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\0074B820 (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\009776C7 (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\00A053A3.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\00A05578.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\00A056C0.bin (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Cache\files.ini (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\History\search (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\av2008xp.exe (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080815125435512.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080816105756093.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080816114625484.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080816154331062.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080816170256906.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080817122855468.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080817160200281.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080818101833843.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080818104606218.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080818130853234.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080902192242000.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080903181403390.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080904101927796.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080904135409156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080905015548765.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080905102603140.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080906104600937.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080906123653156.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080906133130953.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080906135342593.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080906141537859.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080907020009671.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SoftLand Ltd\Antivirus 2008 XP\LOG\20080907105255531.log (Rogue.XPAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\osmim.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okshook.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\WINDOWS\SVCHOST.INI (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
0
Réponse 23 / 24
thekhilha Messages postés 13 Date d'inscription samedi 6 septembre 2008 Statut Membre Dernière intervention 7 septembre 2008
7 sept. 2008 à 13:08
et voici le rapport de hijack apres redémarrage de mon ordi, une fois purifié de toutes ses impuretés :

(je pense que ca a marché, depuis, je n'ai plus aucune ouverture intempestive de fenetre ou d'antivirus XP qui s'ouvre toutes les 5 sec., mille merci cher geoffrey pour tous ces judicieux conseils donnés et ce temps passé à m'aider ; si un jour je peux te rendre la pareil, ce sera avec grand plaisir, bonne journée)




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:05:04, on 07/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\NICOLAS\Bureau\test.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - C:\Program Files\iMesh\iMesh5\iMeshBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [itafenmb] C:\WINDOWS\itafenmb.exe
O4 - HKLM\..\Run: [OSS] c:\windows\system32\rk.exe -boot
O4 - HKLM\..\Run: [Cr2er] C:\WINDOWS\eakmo.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Xjrekh] C:\Program Files\Qfrf\Fnprhd.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Á³#  L"h'þ9Óœð3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\eakmo.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Á³#  G"h'þ9Óœû3rÅWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\eakmo.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: officejet 6100.lnk = ?
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://ecpase-preso.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: bw+0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {AB837804-30B8-4262-8706-5A4D45897FF4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - AppInit_DLLs:
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\nvc\BIN\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\NVC\BIN\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\nvc\BIN\NVCSCHED.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
0
Réponse 24 / 24
geoffrey5 Messages postés 13732 Date d'inscription dimanche 20 mai 2007 Statut Contributeur sécurité Dernière intervention 21 mai 2010 10
7 sept. 2008 à 15:02
Salut !!

mais de rien, c est avec plaisir que je t aide ;-)

c est déjà bien que tu n as plus de pubs mais ton pc est encore infesté en voyant ton rapport...

fais ceci stp :

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau à cette adresse :

(c est le numéro 6 en bas de la page) : https://www.androidworld.fr/


* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
échec de l'analyse antivirus
StalkerShadows -
ness -

19 réponses