Aller au contenu

M dia

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    3

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par M dia

  1. M dia
    merci pour ce que tu as fait, j'attendrais la réponse patiemment^^
  2. M dia
    c'est bon cela à fonctionner, je vs donne le rapport juste après l'opération donc je vois pas trop les effets (mais bon je suppose que sa va pas tarder^^), merci comme même: Malwarebytes' Anti-Malware 1.17 Version de la base de données: 846 00:13:13 17/06/2008 mbam-log-6-17-2008 (00-13-13).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 155082 Temps écoulé: 36 minute(s), 26 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 9 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 7 Fichier(s) infecté(s): 27 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): C:\WINDOWS\system32\892267\892267.dll (Trojan.BHO) -> Unloaded module successfully. Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{25e0128d-aafc-49ff-ab11-1f12c2fcc391} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25e0128d-aafc-49ff-ab11-1f12c2fcc391} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\e404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\e404.e404mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\E404.e404mgr (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\Fichiers communs\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully. C:\Program Files\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\XPSecurityCenter (Rogue.XPSecurityCenter) -> Quarantined and deleted successfully. C:\Program Files\XPSecurityCenter\data (Rogue.XPSecurityCenter) -> Quarantined and deleted successfully. C:\WINDOWS\system32\892267 (Trojan.BHO) -> Quarantined and deleted successfully. C:\Documents and Settings\tubery\Application Data\DriveCleaner Free (Rogue.DriveCleaner) -> Quarantined and deleted successfully. C:\Documents and Settings\tubery\Application Data\DriveCleaner Free\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\892267\892267.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\Documents and Settings\tubery\Local Settings\Temp\winCP0ofbVCc3.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP53\A0006191.exe (Worm.Socks) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP56\A0006388.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP59\A0007542.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP59\A0007561.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP59\A0007577.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP59\A0007578.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP61\A0007615.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP61\A0007624.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP62\A0007634.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP62\A0007651.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{4FD41D57-09AF-4122-AB88-80CBC52C0EE2}\RP62\A0007725.exe (Rogue.Installer) -> Quarantined and deleted successfully. C:\WINDOWS\admgcx.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\bdmanager.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\cru629.dat (Trojan.Proxy) -> Quarantined and deleted successfully. C:\WINDOWS\dmdvpnsop.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\emotigt.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\fsxloqf.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cru629.dat (Trojan.Proxy) -> Quarantined and deleted successfully. C:\WINDOWS\system32\univrs32.dat (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully. C:\Program Files\NetProject\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\NetProject\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully. C:\Program Files\XPSecurityCenter\data\daily.cvd (Rogue.XPSecurityCenter) -> Quarantined and deleted successfully. C:\WINDOWS\system32\basevxns32.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
  3. M dia
    voila mon rapport hijackthis, est-ce que quelqu'un pourrait m'indiquer, qu'est-ce que je peux enlever avec hijackthis pour que mon ordinateur fonctionne correctement (le maximum de petit truc à cocher svp) comme je ne suis pas un doué de l'informatique... je vous demande humblement votre aide^^ voila le rapport: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:04:21, on 15/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe C:\Program Files\Securitoo\av_fw\Anti-Virus\FSGK32.EXE C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fssm32.exe C:\Program Files\Securitoo\av_fw\Common\FSMB32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Securitoo\av_fw\Common\FCH32.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fsqh.exe C:\Program Files\Securitoo\av_fw\Common\FAMEH32.EXE C:\Program Files\Securitoo\av_fw\Anti-Virus\fsrw.exe C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe C:\Program Files\Securitoo\av_fw\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe C:\WINDOWS\system32\JMRaidTool.exe C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Prg\CLEANS~1\csta.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\SECURI~1\av_fw\ANTI-S~1\fsaw.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe C:\Program Files\Securitoo\av_fw\FSGUI\fsguidll.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Wanadoo\EspaceWanadoo.exe C:\Program Files\Wanadoo\ComComp.exe C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Steam\Steam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\tubery\Mes documents\Mes fichiers reçus\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: 892267 helper - {25E0128D-AAFC-49FF-AB11-1F12C2FCC391} - C:\WINDOWS\system32\892267\892267.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKCU\..\Run: [sysW8] C:\Prg\CLEANS~1\csta.exe startup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [steam] "c:\program files\steam\steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Outil de détection de support de Cyber-shot Viewer.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\Securitoo\av_fw\backweb\7431218\Program\fspex.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Securitoo\av_fw\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Securitoo\av_fw\Anti-Spyware\ieshield.dll O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{36841125-99DA-43CE-923C-B442BE1D0C90}: NameServer = 80.10.246.1 81.253.149.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{36841125-99DA-43CE-923C-B442BE1D0C90}: NameServer = 80.10.246.1 81.253.149.2 O23 - Service: Antivirus Firewall (BackWeb Plug-in - 7431218) - Securitoo Portal - C:\PROGRA~1\SECURI~1\av_fw\backweb\7431218\Program\SERVIC~1.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Securitoo\av_fw\backweb\7431218\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe -- End of file - 8370 bytes merci d'avance
×
×
  • Créer...