Gros probleme dordi
Forum Sécurité - Virus : Gros probleme dordi
coucou tout e monde
Beh voila mon ordinateur est tres lent et il y a enormemet de pubs cid qui s'ouvrent.
J'ai deja fait la manipulation hijackthis puis clean puis navilog puis vundofix etc
Sa ne fait strictement rien du tout les pubs sont toujours presentes et mon ordinateur est toujours aussi lent
Aidez moi silvouplait
LiiLiie
salut ,tu doit poster un log hijackthis ici et attendre l'aide d'un helper
bonsoir
faut pas utiliser d'outils au hasard. tu pourrais endommager ton pc.
Tu fais ce que te demande Itra:
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
puis
Télécharge Lop S&D.exe sur ton bureau
- Double-clique dessus pour lancer l'installation
- Puis double-clique sur le raccourci Lop S&D présent sur ton bureau
- Séléctionne la langue souhaitée , puis choisis l'Option 1 ( Recherche )
- Patiente jusqu'à la fin du scan
- Poste le rapport généré ( C:\lopR.txt )
( Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock
Coucou
voila mon rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:05:02, on 09/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing)
O4 - HKLM\..\Run: [The locks settings ante] C:\Documents and Settings\All Users\Application Data\Cool Eggs The Locks\Grey user.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ATOMSLOW] C:\DOCUME~1\TATAN\APPLIC~1\JOYPUR~1\Kind rdr debug.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 7951 bytes
Puis mon rapport Lop
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : TATAN ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 09/08/2008 | 11:07:45,35 ] [ PC : JONATHAN ]
[ MAJ : 01-08-2008 | 01:40 ]
--------------------\\ Listing des dossiers dans APPLIC~1
[09/03/2008|19:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[18/03/2008|21:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[09/08/2008|10:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Cool Eggs The Locks
[16/09/2006|12:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[03/03/2008|18:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/08/2008|19:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[02/03/2008|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[11/06/2008|15:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[18/03/2008|21:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
[17/04/2008|11:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[02/04/2008|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[02/04/2008|10:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[16/09/2006|12:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[16/09/2006|11:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[16/09/2006|11:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[16/09/2006|11:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[09/03/2008|19:55] C:\DOCUME~1\TATAN\APPLIC~1\Adobe
[18/03/2008|21:28] C:\DOCUME~1\TATAN\APPLIC~1\Ahead
[18/03/2008|21:26] C:\DOCUME~1\TATAN\APPLIC~1\DeepBurner
[16/09/2006|12:42] C:\DOCUME~1\TATAN\APPLIC~1\desktop.ini
[18/06/2008|18:06] C:\DOCUME~1\TATAN\APPLIC~1\EoRezo
[04/03/2008|10:02] C:\DOCUME~1\TATAN\APPLIC~1\Google
[08/08/2008|19:02] C:\DOCUME~1\TATAN\APPLIC~1\Grisoft
[16/09/2006|12:01] C:\DOCUME~1\TATAN\APPLIC~1\Identities
[05/06/2008|16:07] C:\DOCUME~1\TATAN\APPLIC~1\InstallShield
[16/09/2006|14:43] C:\DOCUME~1\TATAN\APPLIC~1\InterVideo
[09/08/2008|10:49] C:\DOCUME~1\TATAN\APPLIC~1\Joy pure rule
[05/06/2008|16:22] C:\DOCUME~1\TATAN\APPLIC~1\LG Electronics
[30/07/2008|12:09] C:\DOCUME~1\TATAN\APPLIC~1\LimeWire
[03/03/2008|10:53] C:\DOCUME~1\TATAN\APPLIC~1\Macromedia
[01/04/2008|19:33] C:\DOCUME~1\TATAN\APPLIC~1\Microsoft
[02/04/2008|10:50] C:\DOCUME~1\TATAN\APPLIC~1\OpenArena
[09/08/2008|09:59] C:\DOCUME~1\TATAN\APPLIC~1\OpenOffice.org2
[29/03/2008|15:47] C:\DOCUME~1\TATAN\APPLIC~1\Sun
[16/09/2006|12:26] C:\DOCUME~1\TATAN\APPLIC~1\Symantec
[09/03/2008|23:22] C:\DOCUME~1\TATAN\APPLIC~1\vlc
[27/03/2008|14:14] C:\DOCUME~1\TATAN\APPLIC~1\WinRAR
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[09/08/2008 11:00][--ah-----] C:\WINDOWS\tasks\A6549B73918B1873.job
[09/08/2008 09:57][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A6549B73918B1873.job )=( c:\docume~1\tatan\applic~1\joypur~1\GREYONEINTRA.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[12/06/2008|16:40] C:\Program Files\Adobe
[17/04/2008|10:51] C:\Program Files\Alwil Software
[23/04/2008|18:59] C:\Program Files\Astonsoft
[02/03/2008|20:21] C:\Program Files\Circle Developement
[04/07/2008|23:48] C:\Program Files\Common Files
[16/09/2006|11:50] C:\Program Files\ComPlus Applications
[16/09/2006|14:37] C:\Program Files\Creative
[02/04/2008|10:36] C:\Program Files\CyberQix
[18/06/2008|18:06] C:\Program Files\EoRezo
[23/06/2008|18:41] C:\Program Files\Fichiers communs
[16/09/2006|20:16] C:\Program Files\Free.fr
[04/07/2008|23:46] C:\Program Files\GOA
[04/03/2008|09:56] C:\Program Files\Google
[08/08/2008|19:01] C:\Program Files\Grisoft
[23/06/2008|18:38] C:\Program Files\InstallShield Installation Information
[18/06/2008|18:17] C:\Program Files\InterActual
[12/07/2008|21:31] C:\Program Files\Internet Explorer
[16/09/2006|14:38] C:\Program Files\InterVideo
[09/07/2008|20:16] C:\Program Files\Java
[26/07/2008|14:58] C:\Program Files\Joy pure rule
[16/09/2006|21:06] C:\Program Files\Lavalys
[05/06/2008|16:12] C:\Program Files\LG Electronics
[05/06/2008|16:10] C:\Program Files\LG PC Suite 2
[02/03/2008|20:32] C:\Program Files\LimeWire
[06/03/2008|11:38] C:\Program Files\Messenger
[19/04/2008|15:56] C:\Program Files\Messenger Plus! Live
[05/04/2008|11:24] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[16/09/2006|11:54] C:\Program Files\microsoft frontpage
[21/06/2008|20:10] C:\Program Files\Mingjong
[16/09/2006|14:10] C:\Program Files\Movie Maker
[16/09/2006|11:49] C:\Program Files\MSN
[16/09/2006|11:49] C:\Program Files\MSN Gaming Zone
[16/09/2006|14:39] C:\Program Files\MSXML 4.0
[08/08/2008|20:12] C:\Program Files\Navilog1
[18/03/2008|21:21] C:\Program Files\Nero
[16/09/2006|14:06] C:\Program Files\NetMeeting
[18/04/2008|23:05] C:\Program Files\Norton AntiVirus 2005
[02/04/2008|12:59] C:\Program Files\Norton Security Scan
[09/07/2008|20:18] C:\Program Files\OpenOffice.org 2.4
[06/03/2008|11:26] C:\Program Files\Outlook Express
[23/06/2008|18:41] C:\Program Files\PC Camera
[16/09/2006|21:22] C:\Program Files\PDFCreator
[23/07/2008|20:25] C:\Program Files\PhotoFiltre
[16/09/2006|21:31] C:\Program Files\Realtek AC97
[12/07/2008|21:39] C:\Program Files\RomuSoft
[03/03/2008|12:59] C:\Program Files\Samsung
[16/09/2006|11:49] C:\Program Files\Services en ligne
[18/06/2008|18:11] C:\Program Files\Steam
[18/04/2008|23:10] C:\Program Files\Symantec
[02/04/2008|10:49] C:\Program Files\Tremulous
[09/08/2008|11:04] C:\Program Files\Trend Micro
[16/09/2006|12:01] C:\Program Files\Uninstall Information
[12/06/2008|16:25] C:\Program Files\VideoLAN
[02/04/2008|10:57] C:\Program Files\Windows Live
[21/06/2008|20:10] C:\Program Files\Windows Media Components
[06/03/2008|11:27] C:\Program Files\Windows Media Player
[16/09/2006|14:06] C:\Program Files\Windows NT
[16/09/2006|11:49] C:\Program Files\WindowsUpdate
[27/03/2008|14:14] C:\Program Files\WinRAR
[16/09/2006|11:54] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[12/06/2008|16:40] C:\Program Files\Fichiers communs\Adobe
[09/03/2008|19:48] C:\Program Files\Fichiers communs\Adobe Systems Shared
[18/03/2008|21:26] C:\Program Files\Fichiers communs\Ahead
[02/03/2008|20:17] C:\Program Files\Fichiers communs\InstallShield
[16/09/2006|14:39] C:\Program Files\Fichiers communs\InterVideo
[02/03/2008|20:29] C:\Program Files\Fichiers communs\Java
[02/03/2008|19:13] C:\Program Files\Fichiers communs\Microsoft Shared
[16/09/2006|11:51] C:\Program Files\Fichiers communs\MSSoap
[16/09/2006|12:42] C:\Program Files\Fichiers communs\ODBC
[23/06/2008|18:41] C:\Program Files\Fichiers communs\PCCamera
[16/09/2006|11:51] C:\Program Files\Fichiers communs\Services
[16/09/2006|12:42] C:\Program Files\Fichiers communs\SpeechEngines
[18/04/2008|23:10] C:\Program Files\Fichiers communs\Symantec Shared
[06/03/2008|11:26] C:\Program Files\Fichiers communs\System
[02/04/2008|10:58] C:\Program Files\Fichiers communs\WindowsLiveInstaller
--------------------\\ Process
( 41 Processus )
iexplore.exe ~ [1904]
iexplore.exe ~ [208]
iexplore.exe ~ [428]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\TATAN\APPLIC~1\joypur~1
C:\DOCUME~1\TATAN\APPLIC~1\joypur~1\bowsbagsdogbyte.exe
C:\DOCUME~1\TATAN\APPLIC~1\joypur~1\enkrrzae.exe
C:\DOCUME~1\TATAN\APPLIC~1\joypur~1\GREY ONE INTRA.exe
C:\DOCUME~1\TATAN\APPLIC~1\joypur~1\Kind rdr debug.exe
C:\DOCUME~1\TATAN\APPLIC~1\joypur~1\pusucpzq.exe
C:\Program Files\joypur~1
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\TATAN\Cookies\tatan@advertstream[2].txt
C:\DOCUME~1\TATAN\Cookies\tatan@32vegas[1].txt
C:\DOCUME~1\TATAN\Cookies\tatan@banner.32vegas[2].txt
C:\WINDOWS\Tasks\A6549B73918B1873.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATOMSLOW"="C:\\DOCUME~1\\TATAN\\APPLIC~1\\JOYPUR~1\\Kind rdr debug.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 www.drivecleaner.com ## added by CiD
127.0.0.1 www.errorprotector.com ## added by CiD
127.0.0.1 www.errorsafe.com ## added by CiD
127.0.0.1 www.systemdoctor.com ## added by CiD
127.0.0.1 www.utils.winfixer.com ## added by CiD
127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
127.0.0.1 www.win-virus-pro.com ## added by CiD
127.0.0.1 www.winantispam.com ## added by CiD
127.0.0.1 www.winantispy.com ## added by CiD
127.0.0.1 www.winantispyware.com ## added by CiD
127.0.0.1 www.winantivirus.com ## added by CiD
127.0.0.1 www.winantiviruspro.com ## added by CiD
127.0.0.1 www.windrivecleaner.com ## added by CiD
127.0.0.1 www.windrivesafe.com ## added by CiD
127.0.0.1 www.winfixer.com ## added by CiD
127.0.0.1 www.winfixer2006.com ## added by CiD
127.0.0.1 www.winsoftware.com ## added by CiD
-> 72 [ 70 ## added by CiD ]
/!\ 1 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-09 11:10:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:10][D:4]-> C:\DOCUME~1\TATAN\LOCALS~1\Temp
[F:93][D:0]-> C:\DOCUME~1\TATAN\Cookies
[F:12659][D:19]-> C:\DOCUME~1\TATAN\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 11:12:12,95
bonjour
1
Relance Lop S&D
- Choisis cette fois ci l'Option 2 ( Suppression )
- Ne ferme pas la fenêtre lors de la suppression !
- Poste le rapport généré ( C:\lopR.txt )
( Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide )
2
Télécharge Toolbar S&D de la Team IDN sur ton bureau.
- Double-clique dessus pour lancer l'installation.
- Accepte le contrat de licence.
- Puis double-clique sur le raccourci Toolbar S&D présent sur ton bureau.
- Sélectionne la langue souhaitée et valide par la touche entrée.
- Choisis l'option 1 ( Recherche ).
- Patiente jusqu'à la fin du scan.
- Poste le rapport généré. ( C:\TB.txt )
/!\Marre de la pub: Firefox sécurisé/!\
Répondre à Sham_Rock
Il y a 1156 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
