Sujet Précédent Sujet Suivant

Probleme publicités mobiswing ect

Fermé
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008 - 9 nov. 2008 à 19:57
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008 - 10 nov. 2008 à 18:45
Bonjour a tous,

Je vous demande un peu d'aide svp car j'ai déja réaliser plein de rapport hijackthis et malwarebytes et j'ai toujours ce probleme itempestif de publicité mobiswing... et htpp404 ainsi que des programmes d'erreur ect...
ma dernière analyse de maintenant hijackthis est la suivante:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:44:43, on 09/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Secured IE\secp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\romain\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtor1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: torrent_search Toolbar - {f14b0ccd-aa41-4406-ab68-c5de9d85b4a3} - C:\Program Files\torrent_search\tbtor1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\SECURE~1\secp.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\TVCenter Pro\LaunchList2.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Hide IP Platinum] C:\Program Files\Hide IP Platinum\hideippla.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: ENJOY Plus!.lnk = C:\Program Files\ENJOY Plus!\ENJOY Plus!.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPO\TempoSVC.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
A voir également:

32 réponses

  • 1
  • 2
Réponse 1 / 32
Utilisateur anonyme
9 nov. 2008 à 20:00
Salut,

installe NAVILOG1


Remarque concernant la détection de Navilog1 par certains programmes de sécurités :

Certains fichiers de Navilog1.exe peuvent être considérés comme dangereux et donc supprimés ou neutralisés par certains programmes de sécurités. Ce sont des faux positifs et dans certains cas, vous serez amener à désactiver votre protection le temps du téléchargement/utilisation de Navilog1.
/ !\ Déconnecte toi du net et désactive ton antivirus et antispyware résident pour que Navilog1 puisse s'exécuter normalement. / !\

Utilisateurs de Windows Vista :

* Afin que Navilog1 puisse fonctionner correctement, il est recommandé de désactiver l'UAC pendant l'utilisation de Navilog1 (Installation, Utilisation). N'oubliez pas dès l'utilisation de Navilog1 terminé à réactiver l'UAC sur votre Ordinateur.
comment faire pour désactiver l'UAC

* A chaque fois que vous êtes amené à exécuter Navilog1.bat ou Navilog1.exe pour l'installation, ne double-cliquez pas sur le fichier ou raccourci mais faites un clic droit dessus et dans le menu contextuel choisssez "Exécuter en tant qu'administrateur".

Le lancement de l'installation de Navilog1 se fait en exécutant Navilog1.exe

(Si vous avez téléchargé navilog1.zip, Veuillez auparavant décompresser ce fichier)

Une fois l'installation terminé, pour lancer le fix :

- en utilisant le raccourci crée sur le bureau : Navilog1
- Via le poste de travail, en exécutant le fichier Navilog1.bat se trouvant dans %program files%Navilog1

Après le choix de la langue et les messages d'avertissement, le menu s'affiche.

Faite le choix 1

Effectue la vérification du système à la recherche de l'adware. Un scan avec catchme de GMER est également éffectué pour Windows XP. Cette analyse peut durer une dizaine de minutes. Patientez alors jusqu'au message «Analyse terminée le ....». Appuyez sur une touche comme demandé et le bloc note va souvrir , Enregistrez-le sur votre disque. Puis Ouvrez-le et Copiez-Collez l'intégralité de ce rapport sur le forum qui vous l'auras demandé.

(si le bloc-note ne s'ouvre pas : Rendez-vous dans votre poste de travail, à la racine du disque C vous trouverez le rapport sous le nom de fixnavi.txt)

Attention : Ne lancez-pas la partie désinfection (choix 2, 3 ou 4) sans l'avis/accord express de l'Helper qui vous as pris en charge sur le forum d'aide ou vous aurez exposer votre problème.

==>>Tutoriel Navilog1
0
Réponse 2 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 20:19
La voici!!

Search Navipromo version 3.6.9 commencé le 09/11/2008 à 20:08:05,92

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "romain"

Mise à jour le 05.11.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16757
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\users\romain\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\romain\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\romain\AppData\Roaming" ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\romain\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\romain\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\romain\AppData\Local" *



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\romain\AppData\Local\Microsoft" :


* Dans "C:\Users\romain\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\romain\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 09/11/2008 à 20:17:29,90 ***
0
Réponse 3 / 32
Utilisateur anonyme
9 nov. 2008 à 20:22
Re,

Essai avec celui la on verras bien:

Télécharge Lop S&D ici :

https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Double-clique dessus pour lancer l'installation

Puis double-clique [b]sur le raccourci Lop S&D/b présent sur ton bureau

Séléctionne la langue souhaitée , puis choisis [b]l'Option 1/b ( Recherche )

Patiente jusqu'à la fin du scan

Poste le rapport généré ( C:lopR.txt )
0
Réponse 4 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 20:31
Ok merci de m'aider car c'est vraiment la misère!et j'ai pas envie de rebouter mon pc...


--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz )
BIOS : Ver 1.00PARTTBL
USER : romain ( Administrator )
BOOT : Normal boot
Antivirus : ESET Smart Security 3.0 3.0 (Activated)
Firewall : AntiVirus Firewall 7.00 7.00 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:4 Go)
D:\ (Local Disk) - NTFS - Total:149 Go (Free:148 Go)
F:\ (Local Disk) - NTFS - Total:73 Go (Free:64 Go)
G:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 09/11/2008|20:29 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[30/07/2008|17:22] C:\Users\romain\AppData\Local\{3248F0A6-6813-11D6-A77B-00B0D0150010}
[11/12/2007|20:29] C:\Users\romain\AppData\Local\Adobe
[30/06/2008|14:03] C:\Users\romain\AppData\Local\Ahead
[11/12/2007|18:59] C:\Users\romain\AppData\Local\Apple
[26/10/2008|20:27] C:\Users\romain\AppData\Local\Apple Computer
[11/12/2007|18:30] C:\Users\romain\AppData\Local\Application Data
[11/12/2007|18:34] C:\Users\romain\AppData\Local\ATI
[26/05/2008|19:01] C:\Users\romain\AppData\Local\Conduit
[04/08/2008|21:51] C:\Users\romain\AppData\Local\d3d9caps.dat
[08/11/2008|09:06] C:\Users\romain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[26/10/2008|20:13] C:\Users\romain\AppData\Local\ESET
[23/12/2007|17:48] C:\Users\romain\AppData\Local\GDIPFONTCACHEV1.DAT
[11/12/2007|18:30] C:\Users\romain\AppData\Local\Historique
[09/11/2008|19:23] C:\Users\romain\AppData\Local\IconCache.db
[11/12/2007|20:07] C:\Users\romain\AppData\Local\IsolatedStorage
[09/11/2008|20:17] C:\Users\romain\AppData\Local\Microsoft
[15/01/2008|16:55] C:\Users\romain\AppData\Local\Microsoft Games
[09/06/2008|18:29] C:\Users\romain\AppData\Local\Mozilla
[11/12/2007|20:32] C:\Users\romain\AppData\Local\Pinnacle
[24/08/2008|18:17] C:\Users\romain\AppData\Local\Shareaza
[18/08/2008|20:24] C:\Users\romain\AppData\Local\Steek
[09/11/2008|20:29] C:\Users\romain\AppData\Local\Temp
[11/12/2007|18:30] C:\Users\romain\AppData\Local\Temporary Internet Files
[24/08/2008|15:12] C:\Users\romain\AppData\Local\torrent_search
[17/12/2007|10:52] C:\Users\romain\AppData\Local\Toshiba
[26/12/2007|17:52] C:\Users\romain\AppData\Local\VirtualStore
[16/12/2007|19:23] C:\Users\romain\AppData\Local\Windows Live Writer

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/11/2008 00:00][--a------] C:\Windows\tasks\Scheduled scanning task.job
[15/12/2007 20:24][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[09/11/2008 11:35][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{0D4A5B5E-89EA-40E3-82E4-87DFFB929DDE}.job
[09/11/2008 19:25][--ah-----] C:\Windows\tasks\SA.DAT
[09/11/2008 19:24][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[01/09/2008|18:44] C:\ProgramData\.zreglib
[14/10/2008|16:57] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[18/04/2007|08:04] C:\ProgramData\Adobe
[11/12/2007|18:59] C:\ProgramData\Apple
[11/12/2007|19:00] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[11/12/2007|17:19] C:\ProgramData\Atheros
[11/12/2007|18:34] C:\ProgramData\ATI
[02/09/2008|08:55] C:\ProgramData\BMf9d15570.txt
[02/09/2008|08:55] C:\ProgramData\BMf9d15570.xml
[11/12/2007|18:26] C:\ProgramData\Bureau
[23/04/2008|18:04] C:\ProgramData\CR2007
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[18/08/2008|11:24] C:\ProgramData\EmailNotifier
[06/10/2008|17:22] C:\ProgramData\eMule
[26/10/2008|20:57] C:\ProgramData\ENJOY Plus!
[26/10/2008|19:46] C:\ProgramData\ESET
[11/12/2007|18:26] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[09/11/2008|12:26] C:\ProgramData\FreeDownloadManager.ORG
[11/03/2008|21:58] C:\ProgramData\F-Secure
[18/03/2008|11:47] C:\ProgramData\fssg
[12/12/2007|19:42] C:\ProgramData\IsolatedStorage
[13/12/2007|19:02] C:\ProgramData\LogiShrd
[13/12/2007|19:03] C:\ProgramData\Logitech
[09/11/2008|13:28] C:\ProgramData\Malwarebytes
[18/08/2008|11:24] C:\ProgramData\Megaupload
[11/12/2007|18:26] C:\ProgramData\Menu D‚marrer
[28/01/2008|20:00] C:\ProgramData\Microsoft
[11/12/2007|18:26] C:\ProgramData\ModŠles
[30/06/2008|12:39] C:\ProgramData\Nero
[11/12/2007|19:36] C:\ProgramData\Pinnacle
[11/12/2007|19:15] C:\ProgramData\Pinnacle Studio
[02/09/2008|08:48] C:\ProgramData\pskt.ini
[25/06/2008|21:31] C:\ProgramData\pure coal bone thunk
[01/09/2008|14:56] C:\ProgramData\SlySoft
[11/12/2007|19:20] C:\ProgramData\SmartSound Software Inc
[09/11/2008|20:01] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[24/08/2008|13:30] C:\ProgramData\Symantec
[16/09/2008|19:22] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[15/10/2007|19:02] C:\ProgramData\Toshiba
[11/12/2007|18:30] C:\ProgramData\ToshibaEurope
[14/12/2007|19:26] C:\ProgramData\UDL
[10/07/2007|15:49] C:\ProgramData\Ulead Systems
[10/07/2007|15:36] C:\ProgramData\Vista64
[16/06/2008|22:34] C:\ProgramData\WLInstaller
[10/07/2007|15:36] C:\ProgramData\XP
[14/12/2007|17:58] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[01/09/2008|18:40] C:\Program Files\12Ghosts
[14/12/2007|19:24] C:\Program Files\ABBYY FineReader 5.0 Sprint
[18/04/2007|08:04] C:\Program Files\Adobe
[01/09/2008|15:15] C:\Program Files\adslTV
[02/09/2008|11:05] C:\Program Files\Alwil Software
[24/08/2008|12:17] C:\Program Files\Apple Software Update
[14/12/2007|19:23] C:\Program Files\ArcSoft
[11/12/2007|17:19] C:\Program Files\Atheros
[11/12/2007|17:12] C:\Program Files\ATI
[11/12/2007|17:14] C:\Program Files\ATI Technologies
[12/12/2007|21:02] C:\Program Files\AVIcodec
[24/08/2008|15:52] C:\Program Files\AxBx
[01/09/2008|19:22] C:\Program Files\BitDefender
[26/05/2008|19:34] C:\Program Files\BitTorrent Fastest Tool
[07/10/2008|16:33] C:\Program Files\Bonjour
[11/12/2007|17:15] C:\Program Files\Camera Assistant Software for Toshiba
[01/09/2008|19:12] C:\Program Files\Common Files
[26/05/2008|19:00] C:\Program Files\Conduit
[11/12/2007|19:18] C:\Program Files\DivX
[24/12/2007|18:33] C:\Program Files\Ediser
[23/12/2007|17:35] C:\Program Files\Encarta
[26/10/2008|20:57] C:\Program Files\ENJOY Plus!
[14/12/2007|19:26] C:\Program Files\EPSON
[26/10/2008|19:46] C:\Program Files\ESET
[11/12/2007|18:26] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[09/11/2008|12:26] C:\Program Files\Free Download Manager
[18/04/2007|08:08] C:\Program Files\IDM
[07/10/2008|16:44] C:\Program Files\InstallShield Installation Information
[11/12/2007|18:33] C:\Program Files\Intel
[16/10/2008|03:08] C:\Program Files\Internet Explorer
[10/07/2007|15:49] C:\Program Files\InterVideo
[12/12/2007|17:13] C:\Program Files\Inventel
[14/10/2008|16:56] C:\Program Files\iPod
[14/10/2008|16:57] C:\Program Files\iTunes
[30/07/2008|17:23] C:\Program Files\Java
[13/12/2007|19:06] C:\Program Files\K-Lite Codec Pack
[08/03/2008|23:12] C:\Program Files\LG Electronics
[08/03/2008|23:12] C:\Program Files\LG PC Suite 2
[08/10/2008|17:22] C:\Program Files\LimeWire
[13/12/2007|19:09] C:\Program Files\Logitech
[15/10/2007|18:48] C:\Program Files\ltmoh
[09/11/2008|13:28] C:\Program Files\Malwarebytes' Anti-Malware
[07/10/2008|16:44] C:\Program Files\Megaupload
[23/12/2007|17:38] C:\Program Files\Microsoft AutoRoute
[13/12/2007|17:57] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[17/12/2007|09:28] C:\Program Files\Microsoft FrontPage
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[23/12/2007|17:28] C:\Program Files\Microsoft Office
[13/12/2007|19:18] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2007|09:28] C:\Program Files\Microsoft Visual Studio
[23/12/2007|17:29] C:\Program Files\Microsoft Works
[23/12/2007|17:22] C:\Program Files\Microsoft Works Suite 2005
[02/11/2006|13:42] C:\Program Files\Movie Maker
[09/11/2008|15:38] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[10/07/2007|14:49] C:\Program Files\MSXML 4.0
[18/04/2007|07:14] C:\Program Files\My Company Name
[18/04/2007|08:08] C:\Program Files\myphotobook
[09/11/2008|20:18] C:\Program Files\Navilog1
[30/06/2008|12:39] C:\Program Files\Nero
[20/08/2008|01:20] C:\Program Files\PC Inspector File Recovery
[04/08/2008|22:30] C:\Program Files\PhotoFiltre
[23/12/2007|17:33] C:\Program Files\Picture It! Premium 10
[11/12/2007|19:24] C:\Program Files\Pinnacle
[14/10/2008|16:55] C:\Program Files\QuickTime
[15/10/2007|18:40] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[24/08/2008|12:25] C:\Program Files\Safari
[26/05/2008|19:32] C:\Program Files\Secured IE
[09/08/2008|19:30] C:\Program Files\securedie
[06/07/2008|20:54] C:\Program Files\Securitoo
[24/08/2008|18:17] C:\Program Files\Shareaza
[01/09/2008|14:55] C:\Program Files\SlySoft
[14/12/2007|19:22] C:\Program Files\Smart Panel
[11/12/2007|19:19] C:\Program Files\SmartSound Software
[09/11/2008|20:01] C:\Program Files\Spybot - Search & Destroy
[18/08/2008|00:23] C:\Program Files\Steek
[14/08/2008|01:47] C:\Program Files\Sunbelt Software
[01/09/2008|14:38] C:\Program Files\Super Internet TV
[11/12/2007|17:19] C:\Program Files\Synaptics
[24/08/2008|14:58] C:\Program Files\torrent_search
[15/10/2007|19:09] C:\Program Files\TOSHIBA
[12/12/2007|19:42] C:\Program Files\Toshiba TEMPO
[25/06/2008|21:17] C:\Program Files\Trend Micro
[10/07/2007|15:46] C:\Program Files\Ulead Systems
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[19/08/2008|20:20] C:\Program Files\VideoLAN
[04/08/2008|10:33] C:\Program Files\Wanadoo
[15/12/2007|18:28] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[10/07/2007|15:08] C:\Program Files\Windows Defender
[02/11/2006|13:42] C:\Program Files\Windows Journal
[27/05/2008|17:15] C:\Program Files\Windows Live
[15/12/2007|20:24] C:\Program Files\Windows Live Favorites
[15/12/2007|20:24] C:\Program Files\Windows Live Toolbar
[16/10/2008|03:08] C:\Program Files\Windows Mail
[18/04/2007|07:46] C:\Program Files\Windows Media Components
[13/12/2007|21:41] C:\Program Files\Windows Media Player
[11/12/2007|18:26] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[09/01/2008|22:39] C:\Program Files\Windows Sidebar
[12/12/2007|21:03] C:\Program Files\WinRAR
[01/07/2008|20:00] C:\Program Files\WordBiz
[13/12/2007|19:09] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[18/04/2007|08:04] C:\Program Files\Common Files\Adobe
[14/10/2008|16:54] C:\Program Files\Common Files\Apple
[01/09/2008|19:22] C:\Program Files\Common Files\BitDefender
[17/12/2007|09:28] C:\Program Files\Common Files\Designer
[18/04/2007|07:47] C:\Program Files\Common Files\InstallShield
[18/04/2007|06:44] C:\Program Files\Common Files\Java
[01/09/2008|19:14] C:\Program Files\Common Files\Logishrd
[01/09/2008|19:13] C:\Program Files\Common Files\Logitech
[26/12/2007|03:02] C:\Program Files\Common Files\microsoft shared
[30/06/2008|12:46] C:\Program Files\Common Files\Nero
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[24/08/2008|13:32] C:\Program Files\Common Files\Symantec Shared
[17/12/2007|09:28] C:\Program Files\Common Files\System
[10/07/2007|15:49] C:\Program Files\Common Files\Ulead Systems
[12/12/2007|18:51] C:\Program Files\Common Files\WindowsLiveInstaller
[12/12/2007|19:41] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 108 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\pure coal bone thunk
C:\Users\romain\AppData\Local\Temp\nsx9619.tmp
C:\Program Files\BitTorrent Fastest Tool
C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
C:\Program Files\BitTorrent Fastest Tool\BitP.exe
C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-09 20:29:35
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 488

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\romain\AppData\Roaming\Microsoft\Windows\Recent\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen.rar.lnk
C:\Users\romain\Desktop\programmes d'installations logiciels\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen.rar
C:\Users\romain\Desktop\programmes d'installations logiciels\avast pro\Keygen
C:\Users\romain\Desktop\programmes d'installations logiciels\avast pro\Keygen\KeyMaker.exe
C:\Users\romain\Desktop\telechargements\Metadata\(Crack) nero show time plugins hd by CORE [Techno].zip.xml
C:\Users\romain\Desktop\telechargements\Metadata\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen.rar.xml


[F:301][D:45]-> C:\Users\romain\AppData\Local\Temp
[F:119][D:1]-> C:\Users\romain\AppData\Roaming\MICROS~1\Windows\Cookies
[F:135][D:9]-> C:\Users\romain\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5365][D:716]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 09/11/2008|20:30 - Option : [1]

--------------------\\ Fin du rapport a 20:30:17
[ UAC => 1 ]
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 32
Utilisateur anonyme
9 nov. 2008 à 20:34
Re,

Relance Lop S&D

Choisis cette fois ci l'Option 2 ( Suppression )

Ne ferme pas la fenêtre lors de la suppression !

Poste le rapport généré ( C:\lopR.txt )

( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr, Onglet Fichier,

Nouvelle tâche, tape explorer.exe et valide )
0
Réponse 6 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 20:52
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz )
BIOS : Ver 1.00PARTTBL
USER : romain ( Administrator )
BOOT : Normal boot
Antivirus : ESET Smart Security 3.0 3.0 (Activated)
Firewall : AntiVirus Firewall 7.00 7.00 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:4 Go)
D:\ (Local Disk) - NTFS - Total:149 Go (Free:148 Go)
F:\ (Local Disk) - NTFS - Total:73 Go (Free:64 Go)
G:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [2] ( 09/11/2008|20:50 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Users\romain\AppData\Local\Temp\nsx9619.tmp
Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\BitP.exe
Supprime! - C:\Program Files\BitTorrent Fastest Tool\INSTALL.LOG
Supprime! - C:\ProgramData\pure coal bone thunk
Supprime! - C:\Program Files\BitTorrent Fastest Tool
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[30/07/2008|17:22] C:\Users\romain\AppData\Local\{3248F0A6-6813-11D6-A77B-00B0D0150010}
[11/12/2007|20:29] C:\Users\romain\AppData\Local\Adobe
[30/06/2008|14:03] C:\Users\romain\AppData\Local\Ahead
[11/12/2007|18:59] C:\Users\romain\AppData\Local\Apple
[26/10/2008|20:27] C:\Users\romain\AppData\Local\Apple Computer
[11/12/2007|18:30] C:\Users\romain\AppData\Local\Application Data
[11/12/2007|18:34] C:\Users\romain\AppData\Local\ATI
[26/05/2008|19:01] C:\Users\romain\AppData\Local\Conduit
[04/08/2008|21:51] C:\Users\romain\AppData\Local\d3d9caps.dat
[08/11/2008|09:06] C:\Users\romain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[26/10/2008|20:13] C:\Users\romain\AppData\Local\ESET
[23/12/2007|17:48] C:\Users\romain\AppData\Local\GDIPFONTCACHEV1.DAT
[11/12/2007|18:30] C:\Users\romain\AppData\Local\Historique
[09/11/2008|19:23] C:\Users\romain\AppData\Local\IconCache.db
[11/12/2007|20:07] C:\Users\romain\AppData\Local\IsolatedStorage
[09/11/2008|20:17] C:\Users\romain\AppData\Local\Microsoft
[15/01/2008|16:55] C:\Users\romain\AppData\Local\Microsoft Games
[09/06/2008|18:29] C:\Users\romain\AppData\Local\Mozilla
[11/12/2007|20:32] C:\Users\romain\AppData\Local\Pinnacle
[24/08/2008|18:17] C:\Users\romain\AppData\Local\Shareaza
[18/08/2008|20:24] C:\Users\romain\AppData\Local\Steek
[09/11/2008|20:50] C:\Users\romain\AppData\Local\Temp
[11/12/2007|18:30] C:\Users\romain\AppData\Local\Temporary Internet Files
[24/08/2008|15:12] C:\Users\romain\AppData\Local\torrent_search
[17/12/2007|10:52] C:\Users\romain\AppData\Local\Toshiba
[26/12/2007|17:52] C:\Users\romain\AppData\Local\VirtualStore
[16/12/2007|19:23] C:\Users\romain\AppData\Local\Windows Live Writer

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[08/11/2008 00:00][--a------] C:\Windows\tasks\Scheduled scanning task.job
[15/12/2007 20:24][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[09/11/2008 11:35][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{0D4A5B5E-89EA-40E3-82E4-87DFFB929DDE}.job
[09/11/2008 19:25][--ah-----] C:\Windows\tasks\SA.DAT
[09/11/2008 19:24][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[01/09/2008|18:44] C:\ProgramData\.zreglib
[14/10/2008|16:57] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[18/04/2007|08:04] C:\ProgramData\Adobe
[11/12/2007|18:59] C:\ProgramData\Apple
[11/12/2007|19:00] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[11/12/2007|17:19] C:\ProgramData\Atheros
[11/12/2007|18:34] C:\ProgramData\ATI
[02/09/2008|08:55] C:\ProgramData\BMf9d15570.txt
[02/09/2008|08:55] C:\ProgramData\BMf9d15570.xml
[11/12/2007|18:26] C:\ProgramData\Bureau
[23/04/2008|18:04] C:\ProgramData\CR2007
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[18/08/2008|11:24] C:\ProgramData\EmailNotifier
[06/10/2008|17:22] C:\ProgramData\eMule
[26/10/2008|20:57] C:\ProgramData\ENJOY Plus!
[26/10/2008|19:46] C:\ProgramData\ESET
[11/12/2007|18:26] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[09/11/2008|12:26] C:\ProgramData\FreeDownloadManager.ORG
[11/03/2008|21:58] C:\ProgramData\F-Secure
[18/03/2008|11:47] C:\ProgramData\fssg
[12/12/2007|19:42] C:\ProgramData\IsolatedStorage
[13/12/2007|19:02] C:\ProgramData\LogiShrd
[13/12/2007|19:03] C:\ProgramData\Logitech
[09/11/2008|13:28] C:\ProgramData\Malwarebytes
[18/08/2008|11:24] C:\ProgramData\Megaupload
[11/12/2007|18:26] C:\ProgramData\Menu D‚marrer
[28/01/2008|20:00] C:\ProgramData\Microsoft
[11/12/2007|18:26] C:\ProgramData\ModŠles
[30/06/2008|12:39] C:\ProgramData\Nero
[11/12/2007|19:36] C:\ProgramData\Pinnacle
[11/12/2007|19:15] C:\ProgramData\Pinnacle Studio
[02/09/2008|08:48] C:\ProgramData\pskt.ini
[01/09/2008|14:56] C:\ProgramData\SlySoft
[11/12/2007|19:20] C:\ProgramData\SmartSound Software Inc
[09/11/2008|20:01] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|14:02] C:\ProgramData\Start Menu
[24/08/2008|13:30] C:\ProgramData\Symantec
[16/09/2008|19:22] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[15/10/2007|19:02] C:\ProgramData\Toshiba
[11/12/2007|18:30] C:\ProgramData\ToshibaEurope
[14/12/2007|19:26] C:\ProgramData\UDL
[10/07/2007|15:49] C:\ProgramData\Ulead Systems
[10/07/2007|15:36] C:\ProgramData\Vista64
[16/06/2008|22:34] C:\ProgramData\WLInstaller
[10/07/2007|15:36] C:\ProgramData\XP
[14/12/2007|17:58] C:\ProgramData\Yahoo! Companion

--------------------\\ Listing des dossiers dans C:\Program Files

[01/09/2008|18:40] C:\Program Files\12Ghosts
[14/12/2007|19:24] C:\Program Files\ABBYY FineReader 5.0 Sprint
[18/04/2007|08:04] C:\Program Files\Adobe
[01/09/2008|15:15] C:\Program Files\adslTV
[02/09/2008|11:05] C:\Program Files\Alwil Software
[24/08/2008|12:17] C:\Program Files\Apple Software Update
[14/12/2007|19:23] C:\Program Files\ArcSoft
[11/12/2007|17:19] C:\Program Files\Atheros
[11/12/2007|17:12] C:\Program Files\ATI
[11/12/2007|17:14] C:\Program Files\ATI Technologies
[12/12/2007|21:02] C:\Program Files\AVIcodec
[24/08/2008|15:52] C:\Program Files\AxBx
[01/09/2008|19:22] C:\Program Files\BitDefender
[07/10/2008|16:33] C:\Program Files\Bonjour
[11/12/2007|17:15] C:\Program Files\Camera Assistant Software for Toshiba
[01/09/2008|19:12] C:\Program Files\Common Files
[26/05/2008|19:00] C:\Program Files\Conduit
[11/12/2007|19:18] C:\Program Files\DivX
[24/12/2007|18:33] C:\Program Files\Ediser
[23/12/2007|17:35] C:\Program Files\Encarta
[26/10/2008|20:57] C:\Program Files\ENJOY Plus!
[14/12/2007|19:26] C:\Program Files\EPSON
[26/10/2008|19:46] C:\Program Files\ESET
[11/12/2007|18:26] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[09/11/2008|12:26] C:\Program Files\Free Download Manager
[18/04/2007|08:08] C:\Program Files\IDM
[07/10/2008|16:44] C:\Program Files\InstallShield Installation Information
[11/12/2007|18:33] C:\Program Files\Intel
[16/10/2008|03:08] C:\Program Files\Internet Explorer
[10/07/2007|15:49] C:\Program Files\InterVideo
[12/12/2007|17:13] C:\Program Files\Inventel
[14/10/2008|16:56] C:\Program Files\iPod
[14/10/2008|16:57] C:\Program Files\iTunes
[30/07/2008|17:23] C:\Program Files\Java
[13/12/2007|19:06] C:\Program Files\K-Lite Codec Pack
[08/03/2008|23:12] C:\Program Files\LG Electronics
[08/03/2008|23:12] C:\Program Files\LG PC Suite 2
[08/10/2008|17:22] C:\Program Files\LimeWire
[13/12/2007|19:09] C:\Program Files\Logitech
[15/10/2007|18:48] C:\Program Files\ltmoh
[09/11/2008|13:28] C:\Program Files\Malwarebytes' Anti-Malware
[07/10/2008|16:44] C:\Program Files\Megaupload
[23/12/2007|17:38] C:\Program Files\Microsoft AutoRoute
[13/12/2007|17:57] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[17/12/2007|09:28] C:\Program Files\Microsoft FrontPage
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[23/12/2007|17:28] C:\Program Files\Microsoft Office
[13/12/2007|19:18] C:\Program Files\Microsoft SQL Server Compact Edition
[17/12/2007|09:28] C:\Program Files\Microsoft Visual Studio
[23/12/2007|17:29] C:\Program Files\Microsoft Works
[23/12/2007|17:22] C:\Program Files\Microsoft Works Suite 2005
[02/11/2006|13:42] C:\Program Files\Movie Maker
[09/11/2008|15:38] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[10/07/2007|14:49] C:\Program Files\MSXML 4.0
[18/04/2007|07:14] C:\Program Files\My Company Name
[18/04/2007|08:08] C:\Program Files\myphotobook
[09/11/2008|20:18] C:\Program Files\Navilog1
[30/06/2008|12:39] C:\Program Files\Nero
[20/08/2008|01:20] C:\Program Files\PC Inspector File Recovery
[04/08/2008|22:30] C:\Program Files\PhotoFiltre
[23/12/2007|17:33] C:\Program Files\Picture It! Premium 10
[11/12/2007|19:24] C:\Program Files\Pinnacle
[14/10/2008|16:55] C:\Program Files\QuickTime
[15/10/2007|18:40] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[24/08/2008|12:25] C:\Program Files\Safari
[26/05/2008|19:32] C:\Program Files\Secured IE
[09/08/2008|19:30] C:\Program Files\securedie
[06/07/2008|20:54] C:\Program Files\Securitoo
[24/08/2008|18:17] C:\Program Files\Shareaza
[01/09/2008|14:55] C:\Program Files\SlySoft
[14/12/2007|19:22] C:\Program Files\Smart Panel
[11/12/2007|19:19] C:\Program Files\SmartSound Software
[09/11/2008|20:01] C:\Program Files\Spybot - Search & Destroy
[18/08/2008|00:23] C:\Program Files\Steek
[14/08/2008|01:47] C:\Program Files\Sunbelt Software
[01/09/2008|14:38] C:\Program Files\Super Internet TV
[11/12/2007|17:19] C:\Program Files\Synaptics
[24/08/2008|14:58] C:\Program Files\torrent_search
[15/10/2007|19:09] C:\Program Files\TOSHIBA
[12/12/2007|19:42] C:\Program Files\Toshiba TEMPO
[25/06/2008|21:17] C:\Program Files\Trend Micro
[10/07/2007|15:46] C:\Program Files\Ulead Systems
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[19/08/2008|20:20] C:\Program Files\VideoLAN
[04/08/2008|10:33] C:\Program Files\Wanadoo
[15/12/2007|18:28] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[10/07/2007|15:08] C:\Program Files\Windows Defender
[02/11/2006|13:42] C:\Program Files\Windows Journal
[27/05/2008|17:15] C:\Program Files\Windows Live
[15/12/2007|20:24] C:\Program Files\Windows Live Favorites
[15/12/2007|20:24] C:\Program Files\Windows Live Toolbar
[16/10/2008|03:08] C:\Program Files\Windows Mail
[18/04/2007|07:46] C:\Program Files\Windows Media Components
[13/12/2007|21:41] C:\Program Files\Windows Media Player
[11/12/2007|18:26] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[09/01/2008|22:39] C:\Program Files\Windows Sidebar
[12/12/2007|21:03] C:\Program Files\WinRAR
[01/07/2008|20:00] C:\Program Files\WordBiz
[13/12/2007|19:09] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[18/04/2007|08:04] C:\Program Files\Common Files\Adobe
[14/10/2008|16:54] C:\Program Files\Common Files\Apple
[01/09/2008|19:22] C:\Program Files\Common Files\BitDefender
[17/12/2007|09:28] C:\Program Files\Common Files\Designer
[18/04/2007|07:47] C:\Program Files\Common Files\InstallShield
[18/04/2007|06:44] C:\Program Files\Common Files\Java
[01/09/2008|19:14] C:\Program Files\Common Files\Logishrd
[01/09/2008|19:13] C:\Program Files\Common Files\Logitech
[26/12/2007|03:02] C:\Program Files\Common Files\microsoft shared
[30/06/2008|12:46] C:\Program Files\Common Files\Nero
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[24/08/2008|13:32] C:\Program Files\Common Files\Symantec Shared
[17/12/2007|09:28] C:\Program Files\Common Files\System
[10/07/2007|15:49] C:\Program Files\Common Files\Ulead Systems
[12/12/2007|18:51] C:\Program Files\Common Files\WindowsLiveInstaller
[12/12/2007|19:41] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 110 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-09 20:50:38
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 488

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\romain\AppData\Roaming\Microsoft\Windows\Recent\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen.rar.lnk
C:\Users\romain\Desktop\programmes d'installations logiciels\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen.rar
C:\Users\romain\Desktop\programmes d'installations logiciels\avast pro\Keygen
C:\Users\romain\Desktop\programmes d'installations logiciels\avast pro\Keygen\KeyMaker.exe
C:\Users\romain\Desktop\telechargements\Metadata\(Crack) nero show time plugins hd by CORE [Techno].zip.xml
C:\Users\romain\Desktop\telechargements\Metadata\Avast.Antivirus.Pro.v4.8.1169.FR.Incl-Keygen.rar.xml


[F:300][D:44]-> C:\Users\romain\AppData\Local\Temp
[F:119][D:1]-> C:\Users\romain\AppData\Roaming\MICROS~1\Windows\Cookies
[F:144][D:9]-> C:\Users\romain\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5365][D:716]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 09/11/2008|20:30 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 09/11/2008|20:51 - Option : [2]

--------------------\\ Fin du rapport a 20:51:18
[ UAC => 1 ]

hop je comprend rien a tout ça...
0
Réponse 7 / 32
Utilisateur anonyme
9 nov. 2008 à 20:56
Re,

-Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte

- Mets le à jour

---
- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's
0
Réponse 8 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 21:00
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1375
Windows 6.0.6000

09/11/2008 15:38:01
mbam-log-2008-11-09 (15-38-01).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 164626
Temps écoulé: 1 hour(s), 31 minute(s), 15 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 25
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 8
Fichier(s) infecté(s): 13

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bho_myjavacore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{63334394-3da3-4b29-a041-03535909d361} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e4a04a1-a24d-45ae-aca4-949778400813} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{80ef304a-b1c4-425c-8535-95ab6f1eefb8} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{ff46f4ab-a85f-487e-b399-3f191ac0fe23} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BHO_MyJavaCore.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\testCPV6.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{d6aeeadc-7733-4aa6-9cc3-2a0415f73416} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmf9d15570 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fae266ec (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Malware.Trace) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Program Files\Webtools (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mjcore (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Users\romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Webtools\webtools.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Users\romain\smss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\romain\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\romain\services.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\romain\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.


c'est celui de cet aprem!tu vois quelque chose d'anormal ou pas??
merci en tout cas..j'ai tout supprimé aussi!j"en ai relancé une quand même!
0
Réponse 9 / 32
Utilisateur anonyme
9 nov. 2008 à 21:03
Re,

Fait moi un nouveau hijackthis.

merci
0
Réponse 10 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 21:06
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:43, on 09/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Secured IE\secp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Users\romain\Desktop\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\TVCenter Pro\LaunchList2.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Hide IP Platinum] C:\Program Files\Hide IP Platinum\hideippla.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: ENJOY Plus!.lnk = C:\Program Files\ENJOY Plus!\ENJOY Plus!.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Securitoo\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Common\FSMA32.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPO\TempoSVC.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 11 / 32
Utilisateur anonyme
9 nov. 2008 à 21:10
Re,

Connais tu;

http://www.amazon.fr/http://www.webtip.ch//http://rover.ebay.com/rover/

?
0
Réponse 12 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 21:11
Pourquoi aussi je ne vois pas trop le rapport??
0
Réponse 13 / 32
Utilisateur anonyme
9 nov. 2008 à 21:13
Re,

Ben pour savoir si je peut te donner à supprimer ?

voilà tout.

@+
0
Réponse 14 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 21:14
Re,désolé j'ai pas compris..
0
Réponse 15 / 32
Utilisateur anonyme
9 nov. 2008 à 21:17
Re,

Relance hijack et clique sur "Do a system scan only"
Ensuite recherche ces lignes et coches les cases

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Fait la manip avec ces lignes si tu connais pas:(fait celle au dessus de cette phrase)

O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)

O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)

O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)

Ensuite clique sur "Fix checked"


Merci.
0
Réponse 16 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 21:18
En fait j'ai toujours ces pages ci:http://www.mobiswing.com/search.cgi?q=dossier%20gep%20bac%20pro%20commerce

voilou
0
Réponse 17 / 32
Utilisateur anonyme
9 nov. 2008 à 21:20
Re,

Ben en fait sa c'est un peut normal d'avoir des code404,c'est a cause que la page web n'existe plus ou le serveur qui merdouille.

Sinon,tu n'as plus rien de méchant.

Sinon refait un scan malwarebyte.
0
Réponse 18 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 21:23
HTTP/1.1 404 Object Not Found cela m'ouvre un message d'erreur et une page internet,je crois que le problème vient de la!!

comment faire aussi....
0
Réponse 19 / 32
Utilisateur anonyme
9 nov. 2008 à 21:29
Re,

installe [- Télécharge SmitfraudFix (de de S!Ri, balltrap34 et moe31) :
http://siri.urz.free.fr/Fix/SmitfraudFix.exe smitfraudfix]



Option:1 => Recherche:

* Double cliquer sur SmitfraudFix.exe

* Sélectionner 1 et pressez =>Entrée dans le menu pour créer

un rapport des fichiers responsables de l'infection. Le rapport se trouve à la racine du disque

système

C:\rapport.txt

==>et colle le rapport génèrer sur le forum.

*=>Ne pas faire l'option 2 sans un avis d'une personne compétente*<=


==>Tutoriel Smitfraudix
0
Réponse 20 / 32
romaindu59 Messages postés 19 Date d'inscription dimanche 9 novembre 2008 Statut Membre Dernière intervention 11 novembre 2008
9 nov. 2008 à 21:35
SmitFraudFix v2.373

Scan done at 21:31:45,42, 09/11/2008
Run from C:\Program Files\Free Download Manager\SmitfraudFix
OS: Microsoft Windows [version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Securitoo\Common\FSMA32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Securitoo\Common\FSMB32.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Securitoo\Common\FCH32.EXE
C:\Program Files\Securitoo\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Anti-Virus\fsqh.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Securitoo\FSAUA\program\fsaua.exe
C:\Program Files\Securitoo\FWES\Program\fsdfwd.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Securitoo\FSAUA\program\fsus.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Secured IE\secp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Securitoo\FSGUI\fsguidll.exe
C:\Program Files\Securitoo\Anti-Virus\fsav32.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehRecvr.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\romain


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\romain\AppData\Local\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\romain\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\romain\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000000


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,"


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Atheros AR5008X Wireless Network Adapter
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{916B5EBD-8BC7-4E20-92CC-CD7B60E3271E}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{916B5EBD-8BC7-4E20-92CC-CD7B60E3271E}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{916B5EBD-8BC7-4E20-92CC-CD7B60E3271E}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End


voici,comment ai-je fait pour avoir ces problèmes???
0

Discussions similaires

Message "Un bloqueur de publicité empêche la lecture..."
pistouri -
pistouri -

0 réponse
Impossible de créer un compte Facebook Business Manager
Lely -
Malkii -

35 réponses
Publicité s'ouvre toute seule ! ?
RRD91 -
Vinz -

52 réponses
Pub intempestive sur smartphone Android.
Camitte -
Yoyo -

31 réponses
Dailymotion sans désactiver l'Adblocker, possible ?
Vitamine -
HelpiOS -

5 réponses