pongonana
-
Compteur de contenus
32 -
Inscription
-
Dernière visite
Tout ce qui a été posté par pongonana
-
a l'aide (resolu)
pongonana a répondu à un(e) sujet de pongonana dans Analyses et éradication malwares
MERCI a Queruak ça y est tout semble mieux fonctionner c'est deja un gros soulagement vous deviez avoir raison c'est probablement parce que j'était connecté que les changements n'etaient pas pris en compte ... il reste cependant trois elements qui une fois fixé dans hijackthis ont disparus au scan suivant mais réaparaissent quand je redémarre mon ordinateur et c'est 3 x le meme voici : R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec....dll?c=2c99&lc= 080C&s=search je redemarre et je poste un log -
a l'aide (resolu)
pongonana a répondu à un(e) sujet de pongonana dans Analyses et éradication malwares
ok je vous répondre plus tard pour la suite dors et deja un tres grand merci pour votre temp et votre disponibilité ainsi que les différents conseils a + -
a l'aide (resolu)
pongonana a répondu à un(e) sujet de pongonana dans Analyses et éradication malwares
rerere, voila qui est fait , j'ai l'impression qu'il y a un mieux certains elements qui ont eté supprimé figurent toujours dans le log ??? le voici: Logfile of HijackThis v1.99.1 Scan saved at 16:33:03, on 6/06/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\MOUSE\SYSTEM\EM_EXEC.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE C:\COMPAQ\INTERNET\CISRVR.EXE C:\CPQS\BWTOOLS\SCCENTER.EXE C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE C:\PROGRAM FILES\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE C:\WINDOWS\MXOALDR.EXE C:\PROGRAM FILES\ALCATEL\SPEEDTOUCH USB\DRAGDIAG.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\FR\MSNAPPAU.EXE C:\PROGRAM FILES\VERISIGN\NAVI\NAVIAGENT.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE C:\PROGRAM FILES\VERISIGN\NAVI\NAVICLIENT.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\COMPAQ\ON-SCREEN DISPLAY\OSD.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\WINRAR\WINRAR.EXE C:\WINDOWS\TEMP\RAR$EX00.089\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec...c=080C&s=search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirec...c=080C&s=search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec...c=080C&s=search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.presario.net/scripts/redirec...&query=%s&i=enu R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file) O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe O4 - HKLM\..\Run: [systemTray] systray.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN O4 - HKLM\..\Run: [CISrvr Program] C:\COMPAQ\INTERNET\CISRVR.EXE O4 - HKLM\..\Run: [service Connection] c:\cpqs\bwtools\sccenter.exe O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [navi] "C:\Program Files\VeriSign\NAVI\naviagent.exe" uimode=agentupdate O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [HC Reminder] hc.exe O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup O4 - HKCU\..\Run: [bestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup O4 - HKCU\..\Run: [spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\PROGRAM FILES\WINSOS\WINSOS.EXE" MINI O4 - Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - User Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - User Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL (file missing) O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {D30CAFF0-087B-11D3-82D8-006094695CEC} (McAfee PC Clinic FaManager Class) - http://download.mcafee.com/molbin/Clinic/F...eck/mgfactl.cab O16 - DPF: {23047A90-8511-11D2-87A5-20C252C10000} (McAfee Clinic TreeView Class) - http://download.mcafee.com/molbin/Shared/MGTree.cab O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Shared/ComCtl32.cab O16 - DPF: {CDB74794-A3BA-4733-B6F6-59BF16D6C15A} (McAfee Smart Shop - Update Class) - http://download.mcafee.com/molbin/mcaeng/mcsmtshp.cab O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://gamekult.metaboli.fr/components/Metaboli.ocx O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://10151.kit.carpediem.fr/ParisVoyeur.exe O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab -
a l'aide (resolu)
pongonana a répondu à un(e) sujet de pongonana dans Analyses et éradication malwares
je l'entendait bien ainsi ne vous inquietez pas dans ce cas y a t'il une solution, un autre moyen de les desactiver afin que je puisse vous envoyer un rapport propre et que mon probleme puisse trouver sa solution -
a l'aide (resolu)
pongonana a répondu à un(e) sujet de pongonana dans Analyses et éradication malwares
sans vouloir vous contredire je vous assure que j'ai bien désinstaller la pluspart de ces utilitaires ils n'apparraissent plus dans ajout et suppression de programme ni dans la colone programme du menu demarer -
a l'aide (resolu)
pongonana a répondu à un(e) sujet de pongonana dans Analyses et éradication malwares
voila rebonjour , j'ai effectué toutes les etapes des preliminaire a effectuer avant d'utilisé hijackthis et voici le nouveau log Logfile of HijackThis v1.99.1 Scan saved at 14:15:55, on 6/06/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\MOUSE\SYSTEM\EM_EXEC.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE C:\COMPAQ\INTERNET\CISRVR.EXE C:\CPQS\BWTOOLS\SCCENTER.EXE C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE C:\PROGRAM FILES\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE C:\WINDOWS\MXOALDR.EXE C:\PROGRAM FILES\ALCATEL\SPEEDTOUCH USB\DRAGDIAG.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\FR\MSNAPPAU.EXE C:\PROGRAM FILES\VERISIGN\NAVI\NAVIAGENT.EXE C:\PROGRAM FILES\CHECKFLOW\SPY SHOOTER\4.5.0.1\FLOWSERVICE.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE C:\PROGRAM FILES\WINSOS\WINSOS.EXE C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\VERISIGN\NAVI\NAVICLIENT.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE C:\PROGRAM FILES\COMPAQ\ON-SCREEN DISPLAY\OSD.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\TEMP\RAR$EX00.188\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirec...c=080C&s=search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec...c=080C&s=search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.presario.net/scripts/redirec...&query=%s&i=enu R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file) O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe O4 - HKLM\..\Run: [systemTray] systray.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN O4 - HKLM\..\Run: [CISrvr Program] C:\COMPAQ\INTERNET\CISRVR.EXE O4 - HKLM\..\Run: [service Connection] c:\cpqs\bwtools\sccenter.exe O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [navi] "C:\Program Files\VeriSign\NAVI\naviagent.exe" uimode=agentupdate O4 - HKLM\..\Run: [msxct] msxct.exe O4 - HKLM\..\Run: [FlowProtector2005] C:\PROGRAM FILES\CHECKFLOW\SPY SHOOTER\4.5.0.1\Flowservice -f O4 - HKLM\..\Run: [spySweeper] "C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE" /startintray O4 - HKLM\..\Run: [XoftSpy] C:\PROGRAM FILES\XOFTSPY\XoftSpy.exe -s O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [HC Reminder] hc.exe O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup O4 - HKCU\..\Run: [bestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup O4 - HKCU\..\Run: [spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\PROGRAM FILES\WINSOS\WINSOS.EXE" MINI O4 - Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - User Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - User Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL (file missing) O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {D30CAFF0-087B-11D3-82D8-006094695CEC} (McAfee PC Clinic FaManager Class) - http://download.mcafee.com/molbin/Clinic/F...eck/mgfactl.cab O16 - DPF: {23047A90-8511-11D2-87A5-20C252C10000} (McAfee Clinic TreeView Class) - http://download.mcafee.com/molbin/Shared/MGTree.cab O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Shared/ComCtl32.cab O16 - DPF: {CDB74794-A3BA-4733-B6F6-59BF16D6C15A} (McAfee Smart Shop - Update Class) - http://download.mcafee.com/molbin/mcaeng/mcsmtshp.cab O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://gamekult.metaboli.fr/components/Metaboli.ocx O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://10151.kit.carpediem.fr/ParisVoyeur.exe O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab -
Bonjour, cela fait pratiquement une semaine que je me bat avec des spyware que je n'arrive pas a enlever rien ne fonctionne correctement je doit avoir essayé a peu pres tout les programmes existant anti spyware comme ad-aware , spybot search en destroy , spy sweeper, xoftspy, x clean-micro , noadware, winsos, spycleaner, et j'en passe etc ...................... je n'arrive toujours pas a m'en débarrasser je crois que je frole la crise de nerf on m'a conseiller en désespoir de cause de telecharger le programme hijackthis et d'en poster le log ici c'est donc ce que je vais faire car je sature vraiment si quelqu'un pourrait m'aider je lui en serait vraiment reconnaissant je tourne encore sur windows 98 voici le log: Logfile of HijackThis v1.99.1 Scan saved at 10:36:21, on 6/06/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\MOUSE\SYSTEM\EM_EXEC.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE C:\COMPAQ\INTERNET\CISRVR.EXE C:\CPQS\BWTOOLS\SCCENTER.EXE C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE C:\PROGRAM FILES\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE C:\WINDOWS\MXOALDR.EXE C:\PROGRAM FILES\ALCATEL\SPEEDTOUCH USB\DRAGDIAG.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\FR\MSNAPPAU.EXE C:\PROGRAM FILES\VERISIGN\NAVI\NAVIAGENT.EXE C:\PROGRAM FILES\CHECKFLOW\SPY SHOOTER\4.5.0.1\FLOWSERVICE.EXE C:\PROGRAM FILES\WINSOS\WINSOS.EXE C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\NETFXUPDATE.EXE C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\VERISIGN\NAVI\NAVICLIENT.EXE C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE C:\PROGRAM FILES\COMPAQ\ON-SCREEN DISPLAY\OSD.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\NGEN.EXE C:\WINDOWS\SYSTEM\WINOA386.MOD C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\PROFILES\VINCENT\BUREAU\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.msn.fr/spbasic.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirec...c=080C&s=search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirec...c=080C&s=search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.presario.net/scripts/redirec...&query=%s&i=enu R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file) O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_5_7_0.DLL O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\FR\MSNTB.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe O4 - HKLM\..\Run: [systemTray] systray.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.exe O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN O4 - HKLM\..\Run: [CISrvr Program] C:\COMPAQ\INTERNET\CISRVR.EXE O4 - HKLM\..\Run: [service Connection] c:\cpqs\bwtools\sccenter.exe O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\MAXTOR\ONETOUCH\UTILS\ONETOUCH.EXE O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe" O4 - HKLM\..\Run: [navi] "C:\Program Files\VeriSign\NAVI\naviagent.exe" uimode=agentupdate O4 - HKLM\..\Run: [msxct] msxct.exe O4 - HKLM\..\Run: [FlowProtector2005] C:\PROGRAM FILES\CHECKFLOW\SPY SHOOTER\4.5.0.1\Flowservice -f O4 - HKLM\..\Run: [spySweeper] "C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE" /startintray O4 - HKLM\..\Run: [XoftSpy] C:\PROGRAM FILES\XOFTSPY\XoftSpy.exe -s O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [HC Reminder] hc.exe O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE O4 - HKLM\..\RunOnce: [NetFxUpdate_v1.1.4322] "C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\NETFXUPDATE.EXE" 0 v1.1.4322 GAC + NI NID O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup O4 - HKCU\..\Run: [bestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup O4 - HKCU\..\Run: [spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\PROGRAM FILES\WINSOS\WINSOS.EXE" MINI O4 - Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - User Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe O4 - User Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - User Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL (file missing) O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {D30CAFF0-087B-11D3-82D8-006094695CEC} (McAfee PC Clinic FaManager Class) - http://download.mcafee.com/molbin/Clinic/F...eck/mgfactl.cab O16 - DPF: {23047A90-8511-11D2-87A5-20C252C10000} (McAfee Clinic TreeView Class) - http://download.mcafee.com/molbin/Shared/MGTree.cab O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Shared/ComCtl32.cab O16 - DPF: {CDB74794-A3BA-4733-B6F6-59BF16D6C15A} (McAfee Smart Shop - Update Class) - http://download.mcafee.com/molbin/mcaeng/mcsmtshp.cab O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://gamekult.metaboli.fr/components/Metaboli.ocx O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://10151.kit.carpediem.fr/ParisVoyeur.exe O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab