
tasnass

Members
  • Content count

    10
  • Joined

  • Last visited

Community reputation

0 Neutral

About tasnass

  • Rank
    Junior Member
  1. Thank you for your very effective help: no reply for a month. A desperate being.
  2. Here you go: 1) I removed FlashGet 2) here is the RegSearch report:
     REGEDIT4
     ; Registry Search by Bobbi Flekman
     ; Version: 1.0.2.1
     ; Results at 10/12/2005 21:44:14 for strings:
     ; 'adchannel'
     ; Strings excluded from search:
     ; (None)
     ; Search in:
     ; Registry Keys Registry Values Registry Data
     ; HKEY_LOCAL_MACHINE HKEY_USERS
     ; End Of The Log...
     and the ewido report:
     ewido security suite - Rapport de scan
     ---------------------------------------------------------
     + Créé le: 07:14:29, 10/12/2005
     + Somme de contrôle: 917F8D37
     + Résultats du scan:
     C:\Documents and Settings\chico.NONE.001\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Nettoyer et sauvegarder
     C:\Documents and Settings\chico.NONE.001\Cookies\[email protected][1].txt -> Spyware.Cookie.Falkag : Nettoyer et sauvegarder
     C:\Documents and Settings\chico.NONE.001\Cookies\[email protected][2].txt -> Spyware.Cookie.Bluestreak : Nettoyer et sauvegarder
     C:\Documents and Settings\chico.NONE.001\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Nettoyer et sauvegarder
     C:\Documents and Settings\chico.NONE.001\Cookies\[email protected][1].txt -> Spyware.Cookie.Tradedoubler : Nettoyer et sauvegarder
     C:\Documents and Settings\chico.NONE.001\Cookies\[email protected][1].txt -> Spyware.Cookie.Weborama : Nettoyer et sauvegarder
     C:\Documents and Settings\chico.NONE.001\Cookies\[email protected][1].txt -> Spyware.Cookie.Smartadserver : Nettoyer et sauvegarder
     C:\Documents and Settings\none\Menu Démarrer\Programmes\Power Scan -> Spyware.PowerScan : Nettoyer et sauvegarder
     C:\Documents and Settings\none\Menu Démarrer\Programmes\Power Scan\Power Scan.lnk -> Spyware.PowerScan : Nettoyer et sauvegarder
     C:\RECYCLER\S-1-5-21-2025429265-343818398-725345543-1003\Dc68\setupneoaudio.exe -> Spyware.BargainBuddy.a : Nettoyer et sauvegarder
     ::Fin du rapport
  3. Above is my Panda report. Regards, thierry
  4. Incident | Status | Location
     Spyware:spyware/cydoor | No disinfected | C:\WINDOWS\SYSTEM32\AdCache
     Spyware:Spyware/Apropos | No disinfected | C:\Documents and Settings\none\Local Settings\Temp\AutoUpdate0\setup.inf
     Spyware:Spyware/Apropos | No disinfected | C:\Documents and Settings\none\Local Settings\Temporary Internet Files\Content.IE5\27X7EGP9\auto_update[1]
     Virus:Bck/IRCbot.DO | No disinfected | C:\NASS FAMILY\thierry\logiciels\Hearts Of Iron 2 French Crack-Alliance.rar[Hearts.Of.Iron.2.FRENCH.CRACK-ALLiANCE.exe]
     Adware:Adware/TopMoxie | No disinfected | C:\NASS FAMILY\thierry\logiciels\setupneoaudio.exe
     Adware:Adware/WinTools | No disinfected | C:\program files\AI - Series\insthlp.dat
     Virus:Eicar.Mod | No disinfected | C:\program files\PestPatrol\Help.chm[HowCanITestDetection.html]
     Adware:Adware/TopMoxie | No disinfected | C:\RECYCLER\S-1-5-21-2025429265-343818398-725345543-1003\Dc68\setupneoaudio.exe
  5. I'm running Panda. By the way, what is there that is safer than Shareaza for downloading, please?
  6. And here it is:
     Logfile of HijackThis v1.99.1
     Scan saved at 08:35:54, on 17/11/2005
     Platform: Windows XP SP1 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\Explorer.EXE
     C:\program files\hijackthis\HijackThis.exe
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\program files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
     O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
     O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
     O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
     O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
     O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
     O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
     O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
     O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
     O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
     O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
     O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [MimBoot] C:\program files\Musicmatch\Musicmatch Jukebox\mimboot.exe
     O4 - HKLM\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
     O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
     O4 - HKLM\..\Run: [PestPatrol Control Center] c:\PROGRA~1\PESTPA~1\PPControl.exe
     O4 - HKLM\..\Run: [PPMemCheck] c:\PROGRA~1\PESTPA~1\PPMemCheck.exe
     O4 - HKLM\..\Run: [CookiePatrol] c:\PROGRA~1\PESTPA~1\CookiePatrol.exe
     O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
     O4 - HKCU\..\Run: [shareaza] "C:\program files\Shareaza\Shareaza.exe" -tray
     O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
     O4 - HKCU\..\Run: [a-squared] "C:\Program Files\a-squared\a2guard.exe"
     O4 - Global Startup: DSLMON.lnk = C:\program files\SAGEM\SAGEM [email protected] 800-908\dslmon.exe
     O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe
     O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
     O4 - Global Startup: Microsoft Office.lnk = C:\program files\Microsoft Office\Office\OSA9.EXE
     O4 - Global Startup: ZoneAlarm Pro.lnk = C:\program files\Zone Labs\ZoneAlarm\zapro.exe
     O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\program files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
     O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
     O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
     O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
     O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
     O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
     O8 - Extra context menu item: Télécharger avec FlashGet - C:\program files\FlashGet\jc_link.htm
     O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\program files\FlashGet\jc_all.htm
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
     O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
     O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
     O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
     O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
     O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
     O15 - Trusted Zone: *.musicmatch.com
     O15 - Trusted Zone: *.musicmatch.com (HKLM)
     O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
     O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1120477665421
     O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
     O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
     O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
     O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
     O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
     O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
     O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
     O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
     O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
     O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
     O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
     O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
     O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
     O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
     O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
     O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  7. Hello everyone, here is my problem: I have a pest in my PC. After a scan by 10 online antivirus engines on Total Virus, here is the result:
     Antivirus | Version | Update | Result
     AntiVir | 6.32.0.6 | 11.15.2005 | Worm/IRCBot.90112
     Avast | 4.6.695.0 | 11.15.2005 | Win32:Trojan-gen. {Other}
     AVG | 718 | 11.15.2005 | BackDoor.Ircbot.6.BQ
     Avira | 6.32.0.6 | 11.15.2005 | Worm/IRCBot.90112
     BitDefender | 7.2 | 11.15.2005 | Backdoor.IRCBot.O
     CAT-QuickHeal | 8.00 | 11.15.2005 | no virus found
     ClamAV | devel-20051108 | 11.15.2005 | no virus found
     DrWeb | 4.33 | 11.15.2005 | BackDoor.IRC.Distro
     eTrust-Iris | 7.1.194.0 | 11.14.2005 | no virus found
     eTrust-Vet | 11.9.1.0 | 11.15.2005 | no virus found
     Fortinet | 2.48.0.0 | 11.15.2005 | W32/IRCBot.O-bdr
     F-Prot | 3.16c | 11.15.2005 | security risk named W32/Backdoor.CUE
     Ikarus | 0.2.59.0 | 11.14.2005 | no virus found
     Kaspersky | 4.0.2.24 | 11.15.2005 | Backdoor.Win32.IRCBot.o
     McAfee | 4627 | 11.14.2005 | BackDoor-CNZ.dll
     NOD32v2 | 1.1286 | 11.15.2005 | Win32/IRCBot.O
     Norman | 5.70.10 | 11.15.2005 | W32/SDBot.JUT
     Panda | 8.02.00 | 11.15.2005 | Bck/IRCbot.DO
     Sophos | 3.99.0 | 11.15.2005 | no virus found
     Symantec | 8.0 | 11.15.2005 | Backdoor.Trojan
     TheHacker | 5.9.1.035 | 11.15.2005 | no virus found
     VBA32 | 3.10.5 | 11.14.2005 | no virus found
     Thank you for your help.
  8. Hello everyone, I have just installed XP Pro on my new PC and I have a problem with Internet pop-ups: it sends continuously at full throttle and reception is very poor. After running Norton, it finds adware.cdt. I have tried Ad-Aware, Spybot, SpySweeper and RegSeeker, and finally I am turning to you; nothing works. Depending on the software, they find blazefind, cmd.exe, inetpub, coolwwwsearch.toolband and adware.cdt, and I have windows opening with WinRAR or in DOS, plus angelfire, animallis or blank.html pages. Anyway, this is my last chance before a complete reinstall. Here is what Hijack 1.9.9.1 tells me:
     Logfile of HijackThis v1.99.1
     Scan saved at 13:57:13, on 16/03/2005
     Platform: Windows XP SP1 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\csrss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\Explorer.EXE
     C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
     C:\Program Files\WinRAR\WinRAR.exe
     C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.687\HijackThis.exe
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     R3 - Default URLSearchHook is missing
     O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
     O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
     O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
     O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
     O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
     O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
     O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
     O4 - HKLM\..\Run: [Microsoft Development Debugger] C:\WINDOWS\system32\msdev.exe
     O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
     O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
     O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
     O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
     O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
     O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
     O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
     O4 - HKLM\..\Run: [security Patch] scmss.exe
     O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
     O4 - HKLM\..\Run: [winservit] cassl.exe
     O4 - HKLM\..\Run: [Windows Service Pack Auto Update] C:\Documents and Settings\chico\removeme.exe
     O4 - HKLM\..\Run: [MS Unix Binary] hypertrm.exe
     O4 - HKLM\..\Run: [sYSTRAY] C:\UNMT.EXE
     O4 - HKLM\..\RunServices: [Microsoft Development Debugger] C:\WINDOWS\system32\msdev.exe
     O4 - HKLM\..\RunServices: [security Patch] scmss.exe
     O4 - HKLM\..\RunServices: [winservit] cassl.exe
     O4 - HKLM\..\RunServices: [MS Unix Binary] hypertrm.exe
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
     O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
     O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-908\dslmon.exe
     O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
     O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971C.../bridge-c11.cab
     O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
     O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
     O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
     O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
     O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
     O23 - Service: Promise Array Message Server (RAIDmSvr) - Unknown owner - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgSvr.exe
     O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
     O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
     O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
     O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
     O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
     Thank you for your help, I don't know how to get rid of this s....