[Résolu] Rapport hijackthis
Dernière réponse : dans Sécurité
Bonsoir à tous,
j'ai des problème pour me connecter sur internet, je n'y arrive pas dutout même!!!
C'est pourquoi j'ai fais un scan hijackthis, mais j'arrive pas à touver ce qui ne joue pas et qui pourrait avoir un lien avec mon problème de connexion.
Si quelqu'un arriverait à me dire si le scan comporte des anormlalies ^^
Merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 22:55:41, on 06.05.2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Mélissa\Bureau\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.msn.ch/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/uk/WebInstall.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
j'ai des problème pour me connecter sur internet, je n'y arrive pas dutout même!!!
C'est pourquoi j'ai fais un scan hijackthis, mais j'arrive pas à touver ce qui ne joue pas et qui pourrait avoir un lien avec mon problème de connexion.
Si quelqu'un arriverait à me dire si le scan comporte des anormlalies ^^
Merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 22:55:41, on 06.05.2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Mélissa\Bureau\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.msn.ch/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/uk/WebInstall.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Autres pages sur : resolu rapport hijackthis
Lassé par la pub ? Créez un compte
Bonjour,
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
---> Il faut mettre à jour Windows.
Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
Sélectionne Exécuter un examen rapide.
Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
Citation :
Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
---> Il faut mettre à jour Windows.
Citation :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Voila le résultat du scan:
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1945
Windows 5.1.2600 Service Pack 1
07.05.2009 00:11:40
mbam-log-2009-05-07 (00-11-40).txt
Type de recherche: Examen rapide
Eléments examinés: 63346
Temps écoulé: 9 minute(s), 16 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 89
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0494d0d0-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d4-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d6-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0da-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0dc-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Comet (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Comet\Install\Temp\addremove.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\angel.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\armask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\arskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\autosrch.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\band.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\brbho12a.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cc3.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\CC_42_1x.inf (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\close.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsdown.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsmask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsover.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cnfmgr.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\comet.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\comutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\context.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\controlpanel.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\core.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csapputil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\CSBand.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csbho.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csbrange.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cscore.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csctx.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cseng.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csietb.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csinst.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csres.dat (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\czlink.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\def_arr.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\fclnk.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\fileutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\friend.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\help.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\instcore.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\intro.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\license.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\logging.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\luiclient.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\MasterConfig.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mcc2.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccmask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccoff.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\nletter.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\onlinecheck.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\orbitz.xsl (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\pcursor.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\pix.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\refbutton.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.xsl (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\scr_mcc.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\scr_wait.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\skinui.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\strip.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\supdate.cab (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\supdate.cab.di (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\tbmgr.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\tbproducts.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\title.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\titlelabel_ar.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\title_arui.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\toolbar.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\travel.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\travel_context.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\unins.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_autosearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_errorsearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_funbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_funcursors.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_platform.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_refbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_relatedsearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_searchassist.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_shopbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_travel.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_travelbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_webbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_webcursors.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\update.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\utillauncher.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\vdivider.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\winutil.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWay) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1945
Windows 5.1.2600 Service Pack 1
07.05.2009 00:11:40
mbam-log-2009-05-07 (00-11-40).txt
Type de recherche: Examen rapide
Eléments examinés: 63346
Temps écoulé: 9 minute(s), 16 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 89
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0494d0d0-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d4-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d6-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0da-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0dc-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Comet (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Comet\Install\Temp\addremove.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\angel.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\armask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\arskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\autosrch.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\band.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\brbho12a.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cc3.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\CC_42_1x.inf (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\close.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsdown.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsmask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsover.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cnfmgr.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\comet.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\comutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\context.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\controlpanel.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\core.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csapputil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\CSBand.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csbho.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csbrange.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cscore.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csctx.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cseng.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csietb.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csinst.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csres.dat (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\czlink.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\def_arr.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\fclnk.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\fileutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\friend.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\help.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\instcore.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\intro.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\license.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\logging.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\luiclient.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\MasterConfig.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mcc2.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccmask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccoff.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\nletter.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\onlinecheck.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\orbitz.xsl (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\pcursor.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\pix.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\refbutton.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.xsl (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\scr_mcc.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\scr_wait.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\skinui.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\strip.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\supdate.cab (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\supdate.cab.di (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\tbmgr.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\tbproducts.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\title.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\titlelabel_ar.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\title_arui.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\toolbar.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\travel.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\travel_context.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\unins.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_autosearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_errorsearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_funbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_funcursors.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_platform.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_refbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_relatedsearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_searchassist.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_shopbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_travel.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_travelbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_webbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_webcursors.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\update.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\utillauncher.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\vdivider.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\winutil.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWay) -> Quarantined and deleted successfully.
re-bonjour
d'acco d'acc, je télécharge et ensute je l'installerai (en arrivant à la casa ce soir)
En attendant, faudra-t-il que je fasse une autre manipulation suite à l'installation du service pack 2 ?
Merci Destrio5
Bonne journée à ce soir ^^
Destrio5 a dit :
Je vais bien.C'est quoi comme modem ?
C'est le Zyxel Prestige 660 ME
http://www.acanta.ch/computer/news1.html
[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]
Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
Il va te demander d'installer la console de récupération : accepte.
Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
Destrio5 a dit :
[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
Re^^
j'ai regardé avec mon fournisseur d'accès internet, et il va me renvoyer un nouveau modem routeur d'ici peu.
Je te tiens au courant après que je l'ai reçu
a tanto
Re-salut Destrio,
en ce qui concernet mon problème, c'est résolu![:bounce:]( ":bounce:")
Après avoir reçu le nouveau routeur/modem, j'ai remplacé la carte réseau et, ajouté un fichier qui apparament était manquant dans le dossier :
C:\WINDOWS\system32
Il s'agissait du fichier "dhcpcsvc.dll", pour l'adresse IP.
(http://www.dll-files.com/dllindex/dll-files.shtml?dhcpc...)
Ensuite l'installation s'est fait sans problèmes![:)]( ":)")
Encore merci pour ton aide ^^
A tanto
en ce qui concernet mon problème, c'est résolu
Après avoir reçu le nouveau routeur/modem, j'ai remplacé la carte réseau et, ajouté un fichier qui apparament était manquant dans le dossier :
C:\WINDOWS\system32
Il s'agissait du fichier "dhcpcsvc.dll", pour l'adresse IP.
(http://www.dll-files.com/dllindex/dll-files.shtml?dhcpc...)
Ensuite l'installation s'est fait sans problèmes
Encore merci pour ton aide ^^
A tanto
.Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumRapport hijackthis joint - help
- ForumRapport hijackthis -virus
- ForumVirus rapport hijackthis
- ForumAi-je un virus rapport hijackthis
- ForumOrdinateur qui rame rapport hijackthis
- ForumRapport hijackthis a analyser.
- ForumPc infecte - rapport hijackthis
- ForumInterpretation d'un rapport hijackthis
- ForumRapport hijackthis.
- ForumRapport hijackthis. besoin d'analyse
- Voir plus
