Aller au contenu

Sujets conseillés

Posté

Bonjour

Je suis nouveau sur ce forum et je voudrais obtenir des conseils pr me debarasser de spyware.J'ai lu la publication sur ce site, ai lance adware et spybot (qui ne reconnaissent plus de spy) mais j'ai tjrs l'impression d'en avoir a cause d'un avertissement de mon ordi qui dit: critical systme errors et en substance prenez un antispyware pr vous en debarasser.

J'ai alors fait un logfile sur hijack ms c vrai que ca commence a devenir trop technique pour moi.

Le voici

Logfile of HijackThis v1.99.1Scan saved at 12:08:17, on 20/11/2006Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\Program Files\Internet\FileZilla Server\FileZilla Server.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\System32\TPSMain.exeC:\Program Files\Toshiba\Toshiba Applet\thotkey.exeC:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exeC:\Program Files\TOSHIBA\PadTouch\PadExe.exeC:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exeC:\Program Files\ltmoh\Ltmoh.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Internet\FileZilla Server\FileZilla Server Interface.exeC:\WINDOWS\System32\TPSBattM.exeC:\Program Files\Fichiers communs\Real\Update_OB\realsched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\QuickTime\qttask.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\WINDOWS\System32\wuauclt.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\WinRAR\WinRAR.exeC:\DOCUME~1\FOULON~1\LOCALS~1\Temp\Rar$EX00.657\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.fr/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://proxy.ec-lyon.fr :3128R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = LiensO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: (no name) - {755bbd1a-aa59-456c-afeb-b4c42c4dcb6f} - C:\WINDOWS\System32\ixt0.dll (file missing)O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fr\msntb.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exeO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [TPSMain] TPSMain.exeO4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exeO4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exeO4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exeO4 - HKLM\..\Run: [TFncKy] TFncKy.exeO4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exeO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\Internet\FileZilla Server\FileZilla Server Interface.exe"O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe"  -osbootO4 - HKLM\..\Run: [KAVPersonal50] C:\Program Files\Internet\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimizeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUPO4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /autoO4 - HKLM\..\RunServices: [http://www.lienvandekelder.be] LienVandeKelder.exeO4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exeO4 - HKCU\..\Run: [RealPlayer] "C:\PROGRA~1\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBootO4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.htmlO8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.htmlO8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\BUREAU~1\MICROS~1\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dllO9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dllO9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\BUREAU~1\MICROS~1\OFFICE11\REFIEBAR.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dllO12 - Plugin for žæ: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dllO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0745c9e2d235ad...RdxIE601_fr.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)O21 - SSODL: amaranthaceous - {4fc003c3-87a0-489c-85cd-878246eb2d18} - C:\WINDOWS\System32\oebxpba.dllO23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeO23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeO23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\Internet\FileZilla Server\FileZilla Server.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: kavsvc - Kaspersky Labs - C:\Program Files\Internet\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe

Voila, j'espere que qqun pourra m'eclairer sur le sujet;

Merci beaucoup

Veuillez vous connecter pour commenter

Vous pourrez laisser un commentaire après vous êtes connecté.



Connectez-vous maintenant
×
×
  • Créer...