Aller au contenu

mikus

Membres
  • Compteur de contenus

    35
  • Inscription

  • Dernière visite

Tout ce qui a été posté par mikus

  1. salut bruce.la manip na pas tet sans mal.je t'envoi le rapport ewido 10/01/06 19:31:19 [info]: BlackLight Engine 1.0.47 initialized 10/01/06 19:31:19 [info]: OS: 5.1 build 2600 (Service Pack 2) 10/01/06 19:31:20 [Note]: 7019 4 10/01/06 19:31:20 [Note]: 7005 0 10/01/06 19:31:23 [Note]: 7006 0 10/01/06 19:31:23 [Note]: 7011 1436 10/01/06 19:31:23 [Note]: 7026 0 10/01/06 19:31:23 [Note]: 7026 0 10/01/06 19:31:23 [Note]: 7024 3 10/01/06 19:31:23 [info]: Hidden process: C:\windows\system32\vcdbxjmsy.exe 10/01/06 19:31:23 [Note]: FSRAW library version 1.7.1020 10/01/06 19:32:14 [info]: Hidden file: c:\WINDOWS\system32\vcdbxjmsy_nav.dat 10/01/06 19:32:14 [Note]: 10002 1 10/01/06 19:32:14 [info]: Hidden file: c:\WINDOWS\system32\vcdbxjmsy.dat 10/01/06 19:32:14 [Note]: 10002 1 10/01/06 19:32:14 [info]: Hidden file: C:\windows\system32\vcdbxjmsy.exe 10/01/06 19:32:14 [Note]: 10002 1 10/01/06 19:32:15 [info]: Hidden file: c:\WINDOWS\system32\vcdbxjmsy_navps.dat 10/01/06 19:32:15 [Note]: 10002 1 10/01/06 19:33:35 [Note]: 7007 0 et je t'envoi le rapport hijackthis Logfile of HijackThis v1.99.1 Scan saved at 21:09:17, on 02/10/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Micro Application\MediaDICO\MediaDICO.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\AMI MOUSE 250SP WIRELESS OPTICAL\lwbwheel.exe O4 - HKLM\..\Run: [vcdbxjmsy] c:\windows\system32\vcdbxjmsy.exe vcdbxjmsy O4 - HKLM\..\Run: [TrustInstaller] K:\Setup.exe O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\MediaDICO\MediaDICO.exe Lancement O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{1D662740-F81B-4BD1-80C4-C5B759910B3F}: NameServer = 84.103.237.144 86.64.145.144 O17 - HKLM\System\CS1\Services\Tcpip\..\{1D662740-F81B-4BD1-80C4-C5B759910B3F}: NameServer = 84.103.237.144 86.64.145.144 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe voila bruce et maintenant?tine moi au courant stp .je vais surfer un peu voir si revienne ou pas.a++
  2. salut bruce .merci de ton aide.je t'envoi le rapport du sc10/01/06 19:31:19 [info]: BlackLight Engine 1.0.47 initialized 10/01/06 19:31:19 [info]: OS: 5.1 build 2600 (Service Pack 2) 10/01/06 19:31:20 [Note]: 7019 4 10/01/06 19:31:20 [Note]: 7005 0 10/01/06 19:31:23 [Note]: 7006 0 10/01/06 19:31:23 [Note]: 7011 1436 10/01/06 19:31:23 [Note]: 7026 0 10/01/06 19:31:23 [Note]: 7026 0 10/01/06 19:31:23 [Note]: 7024 3 10/01/06 19:31:23 [info]: Hidden process: C:\windows\system32\vcdbxjmsy.exe 10/01/06 19:31:23 [Note]: FSRAW library version 1.7.1020 10/01/06 19:32:14 [info]: Hidden file: c:\WINDOWS\system32\vcdbxjmsy_nav.dat 10/01/06 19:32:14 [Note]: 10002 1 10/01/06 19:32:14 [info]: Hidden file: c:\WINDOWS\system32\vcdbxjmsy.dat 10/01/06 19:32:14 [Note]: 10002 1 10/01/06 19:32:14 [info]: Hidden file: C:\windows\system32\vcdbxjmsy.exe 10/01/06 19:32:14 [Note]: 10002 1 10/01/06 19:32:15 [info]: Hidden file: c:\WINDOWS\system32\vcdbxjmsy_navps.dat 10/01/06 19:32:15 [Note]: 10002 1 10/01/06 19:33:35 [Note]: 7007 0 an
  3. salut bruce .dsl d'etre impatient mais sa va aller je t'envoi le rapport merciLogfile of HijackThis v1.99.1 Scan saved at 18:45:17, on 30/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Micro Application\MediaDICO\MediaDICO.exe C:\program files\mailskinner\mailskinner.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\AMI MOUSE 250SP WIRELESS OPTICAL\lwbwheel.exe O4 - HKLM\..\Run: [TrustInstaller] K:\Setup.exe O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\MediaDICO\MediaDICO.exe Lancement O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{1D662740-F81B-4BD1-80C4-C5B759910B3F}: NameServer = 86.64.145.142 84.103.237.142 O17 - HKLM\System\CS1\Services\Tcpip\..\{1D662740-F81B-4BD1-80C4-C5B759910B3F}: NameServer = 86.64.145.142 84.103.237.142 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
  4. bonjour,j'ai fait un scan avec ewido voici le rapport.--------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: Mike and Family 13:46:26 30/09/2006 + Scan result: C:\Documents and Settings\Administrateur\Cookies\administrateur@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken. C:\Documents and Settings\Administrateur\Cookies\administrateur@estat[1].txt -> TrackingCookie.Estat : No action taken. C:\Documents and Settings\Administrateur\Cookies\administrateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken. C:\Documents and Settings\Administrateur\Cookies\administrateur@weborama[1].txt -> TrackingCookie.Weborama : No action taken. C:\Documents and Settings\Administrateur\Cookies\administrateur@zedo[2].txt -> TrackingCookie.Zedo : No action taken. ::Report end merci de me tenir au courant
  5. salut me revoila.y'a t'il quelqu'un pour resoudre mon probleme?
  6. bruce est ce que ca va t'aider ?a tu trouver quelque chose d'anormal a++
  7. SmitFraudFix v2.102 Rapport fait à 21:38:49,42, 29/09/2006 Executé à partir de C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  8. re bruce ,dsl pour le temps mais je l'ai dezipper,j'ai fait comme tu ma dis et il me repond fichier process exe absent. j'ai hijack this veut tu le rapport?CA VA TRE DUR CETTE AFFAIRE.merci
  9. salut bruce lee.merci de ta rapidite .je suis debutant dans les manipulation sur le net alors ca va prendre du temps. a tout a l'heure
  10. bonjour,je vien de m'insrire sur le forum car j'ai un probleme avec mon pc.voila le probleme.quand je surf sur ie,j'ai des pubs qui s'affiche en me disant que mon pc ete peut etre infecte et de telecharger systeme doctor.ce que je n'ai pa fait et d'autre cookie traceur.j'ai avast .spybot, ad aware et rien n'y fait malgrer les scan et les suppression .qu'elqun pourrait t'il m'eclaircir? MERCI D4AVANCE
×
×
  • Créer...