

Everything posted by macatomax
Intrusive adxtend ads... SOLVED!!!!!
macatomax replied to macatomax's topic in Malware Analysis and Removal
As far as I can tell, no more ads. Thanks again for all of this; I didn't understand much of it, but the result is what matters!! Well done again for your commitment and professionalism. I don't think I can contribute much to this forum given my very limited knowledge, but I'm happily keeping it in my bookmarks.... A big well done.
Intrusive adxtend ads... SOLVED!!!!!
macatomax replied to macatomax's topic in Malware Analysis and Removal
New report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:56:04, on 14/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Users\FELIX\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://www.boomerangtv.fr/"
O4 - Startup: Sommaire de OneNote.onetoc2
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://82.231.215.53/cab/OCXChecker_8310.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photo...NPUpldfr-fr.cab
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1ca085aec172faa) (gupdate1ca085aec172faa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: lxct_device - - C:\Windows\system32\lxctcoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8706 bytes

As far as I can tell, no more ads for now; I'll reboot again and keep an eye on it.
Intrusive adxtend ads... SOLVED!!!!!
macatomax replied to macatomax's topic in Malware Analysis and Removal
Here you go:

All processes killed
========== PROCESSES ==========
========== FILES ==========
C:\bucks.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Firefox deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: FELIX
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 223324634 bytes
->Java cache emptied: 40770442 bytes
->Google Chrome cache emptied: 6664388 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 99215 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 647080 bytes
RecycleBin emptied: 2599080 bytes

Total Files Cleaned = 261,00 mb

OTM by OldTimer - Version 3.1.8.0 log created on 02142010_173708

Files moved on Reboot...

Registry entries deleted on Reboot...
Intrusive adxtend ads... SOLVED!!!!!
macatomax replied to macatomax's topic in Malware Analysis and Removal
Hello,

Here is the link for senduit.com: *** Link expired ***

For the Malware report:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3732
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

13/02/2010 11:50:44
mbam-log-2010-02-13 (11-50-44).txt

Type de recherche: Examen rapide
Eléments examinés: 106427
Temps écoulé: 7 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

It's strange: no ads yesterday, and today there are loads of them.... Thanks for the help
Intrusive adxtend ads... SOLVED!!!!!
macatomax replied to macatomax's topic in Malware Analysis and Removal
Good evening, and thanks for the detailed information. Following the scan, here are the results:

Fichier bucks.exe reçu le 2010.02.12 17:36:40 (UTC)

Antivirus          Version         Dernière mise à jour  Résultat
a-squared          4.5.0.50        2010.02.12            -
AhnLab-V3          5.0.0.2         2010.02.12            -
AntiVir            7.9.1.160       2010.02.12            -
Antiy-AVL          2.0.3.7         2010.02.11            -
Authentium         5.2.0.5         2010.02.12            -
Avast              4.8.1351.0      2010.02.12            -
AVG                9.0.0.730       2010.02.12            -
BitDefender        7.2             2010.02.12            -
CAT-QuickHeal      10.00           2010.02.12            -
ClamAV             0.96.0.0-git    2010.02.12            -
Comodo             3912            2010.02.12            -
DrWeb              5.0.1.12222     2010.02.12            -
eSafe              7.0.17.0        2010.02.11            -
eTrust-Vet         35.2.7299       2010.02.12            -
F-Prot             4.5.1.85        2010.02.12            -
F-Secure           9.0.15370.0     2010.02.12            -
Fortinet           4.0.14.0        2010.02.12            -
GData              19              2010.02.12            -
Ikarus             T3.1.1.80.0     2010.02.12            -
Jiangmin           13.0.900        2010.02.08            -
K7AntiVirus        7.10.971        2010.02.11            -
Kaspersky          7.0.0.125       2010.02.12            -
McAfee             5889            2010.02.11            -
McAfee+Artemis     5889            2010.02.11            -
McAfee-GW-Edition  6.8.5           2010.02.12            -
Microsoft          1.5406          2010.02.12            -
NOD32              4861            2010.02.12            -
Norman             6.04.08         2010.02.12            -
nProtect           2009.1.8.0      2010.02.12            -
Panda              10.0.2.2        2010.02.12            -
PCTools            7.0.3.5         2010.02.12            -
Prevx              3.0             2010.02.12            -
Rising             22.34.01.03     2010.02.11            -
Sophos             4.50.0          2010.02.12            -
Sunbelt            5671            2010.02.11            -
Symantec           20091.2.0.41    2010.02.12            -
TheHacker          6.5.1.3.190     2010.02.12            -
TrendMicro         9.120.0.1004    2010.02.12            -
VBA32              3.12.12.2       2010.02.12            -
ViRobot            2010.2.12.2184  2010.02.12            -
VirusBuster        5.0.21.0        2010.02.12            -

Information additionnelle
File size: 90112 bytes
MD5...: 52ba0be41c086035241c4ccb6526ae41
SHA1..: 3861bb86c2866a5f8f2ce5192fc54e611f129c94
SHA256: e99a12a20799710e514d2642fc7090ac09d229d45efd097142ed01a0c1e0150f
ssdeep: 1536:Xxdbul6fNgRwPY5W5C7QPI3KZygKxCU/R+NjaGU:BNCW54A3yl8jU
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x16abe
timedatestamp.....: 0x4b448515 (Wed Jan 06 12:41:57 2010)
machinetype.......: 0x14c (I386)

( 4 sections )
name    viradd   virsiz   rawdsiz  ntrpy  md5
.text   0x2000   0x14ac4  0x14c00  6.08   2672865b233a0715cd656721faf3104b
.sdata  0x18000  0x5b     0x200    1.31   4d570fd3bda58ad2f5e380f0d8d5943a
.rsrc   0x1a000  0xa50    0xc00    3.66   3f8614c6c9e59be1c45009602afb1fee
.reloc  0x1c000  0xc      0x200    0.10   64486924e503cee72270e139a32b7580

( 1 imports )
> mscoree.dll: _CorExeMain

( 0 exports )

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Windows Screen Saver (14.1%)
Win16/32 Executable Delphi generic (2.2%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
sigcheck:
publisher....: n/a
copyright....: Copyright © 2009
product......: WindowsApplication1
description..: WindowsApplication1
original name: bucks.exe
internal name: bucks.exe
file version.: 1.0.0.0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Thanks again for your commitment
Intrusive adxtend ads... SOLVED!!!!!
macatomax posted a topic in Malware Analysis and Removal
Hello everyone. I'm new to this forum and am posting this message here (please move it if this isn't the right section). I have a lot of ads on my PC and I can't get rid of them. I saw that you have to run hijack-something-or-other, but I don't understand much of it. If possible, please give me some tips for getting rid of all this, because I think my PC is going to end up out the window. Thanks again for the help, and greetings to the guys on the forum. Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:02, on 11/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\bucks.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Users\FELIX\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/def...://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Firefox] C:\Bucks.exe
O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://www.boomerangtv.fr/"
O4 - Startup: Sommaire de OneNote.onetoc2
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://82.231.215.53/cab/OCXChecker_8310.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photo...NPUpldfr-fr.cab
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1ca085aec172faa) (gupdate1ca085aec172faa) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: lxct_device - - C:\Windows\system32\lxctcoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8664 bytes