[Tuto] Hijackthis

Discussion in 'IT Support' started by NoUnOuS, 11 August 2007.

  1. NoUnOuS

    Contents:

    I - Introduction
    II - What this program does
    III - How to prepare it, er, use it
    IV - I want to understand more
    V - Conclusion!


    I - Introduction:


    Every day, lots of threads get posted in this section where people ask for help (not financial help [22h]), help to solve some problem they have on their PC. What kind of problem? For example:
    • Good people, what are these ads that keep popping up on me?
    • I don't know what's wrong with my PC, it has become sooooo slow
    • Why are web pages taking so long to load?
    • And so on …
    To solve problems like these and others, we use HIJACKTHIS. Personally, whenever I feel my PC is not quite itself, I give it a wipe-down with it.
    PS: click on the pictures in the tutorial to see them in full size.

    II - What this program does

    What does it do?
    It sells potatoes at the street corner [22h]

    Let's see what the program's owner says about his program:

    Quote:
    HijackThis opens you a possibility to find and fix nasty entries on your computer easier.
    Therefore it will scan special parts in the registry and on your harddisk and compare them with the default settings. If there is some abnormality detected on your computer HijackThis will save them into a logfile. In order to find out what entries are nasty and what are installed by the user, you need some background information.
    A logfile is not so easy to analyze. Even for an advanced computer user. With the help of this automatic analyzer you are able to get some additional support. Just paste your complete logfile into the textbox at the bottom of this page.
    Because of a few misunderstandings, I should point out that I only develop this online analysis and not the HijackThis utility.

    What is this guy babbling about?
    You didn't understand it, I knew it. Thank God I'm not the only one who never went to school [22h]
    Anyway, in plain Arabic: when you run this program it sniffs around your PC, looks at what is running on it and at what has changed in the registry.
    Even if you don't understand this part, you don't need it anyway [17h]

    III - How to prepare it, er, use it

    First and before anything else: this program works on the PC's registry, and the registry is the PC's guide. If the guide gets lost, the PC gets lost, and if the PC gets lost it won't start any more. So be careful, very careful, when using it.

    Never mind. To begin with, we need to download and install this program.
    Where do we download it from?
    From here: http://download.hijackthis.eu/hijackthis_199.zip

    And then?
    Then unzip it. If you don't know how to unzip, follow these steps:
    You need to have WinZip or WinRAR (if you don't have it, get it from here: http://www.clubic.com/telecharger-fiche9632-winrar.html)

    1- Once you have downloaded the software, you will have an icon like this one:
    (image: http://img530.imageshack.us/img530/4791/installation1js0.jpg)

    2- Right-click (and say bismillah) and unzip the file into the same folder, like this:
    (image: http://img372.imageshack.us/img372/5260/installation2pe7.jpg)

    3- Congratulations, you've learned how to unzip
    (image: http://img47.imageshack.us/img47/6198/installation3sg9.jpg)

    Great, and then what?
    Then click on that icon.
    A little thingy will pop up; click on Oui. Come on, it's only a click, why don't you trust me? Go on, click. Done, you clicked? Gotcha!

    Just wait till I get my hands on you and I'll nnnnnn .. nnnn

    What "nnn"?? Sit down and follow along, the joking is over now. This window will open:

    (image: http://img54.imageshack.us/img54/9579/utilisation1iw5.jpg)


    Click on « do scan and save log ». It will do a little something, and then a txt file will open. In that text file, press Ctrl+A and Ctrl+C, in other words copy and paste, then go to this site => http://www.hijackthis.de/fr and paste it into that white box, like this:
    (image: http://img406.imageshack.us/img406/7688/utilisation3ge1.jpg)

    Then click on evaluer!

    What is this thing that came up?

    That is the evaluation of what is going on in your PC.
    Now listen to me carefully:
    - the « inscription » column holds the name of the thing running on your PC,
    - the « genre » column holds the nature of the thing running on your PC,
    - the « visitor chi stoun » column holds the ratings given by people like you and me,
    - the last column holds some remarks.

    Now the first thing to do is go to the « genre » column and take a quick look.

    What matters to us are the lines with a red cross; that is the danger on your PC.

    Personally, when I see a red cross, I copy the name of that program written under « inscription », paste it into Google and look for a solution to that problem.
    What I suggest is that anyone who finds a problem posts their log file in this thread, and we'll try to find a solution for them.

    There is a second method: once you've seen on the site which items have a red cross, go back to HijackThis, tick the items you want to remove (1) and then click on fix checked (2)
    (image: http://img116.imageshack.us/img116/807/utilisation4sq9.jpg)

    A confirmation window will then appear. Do not confirm until you are sure of what you selected and you knoooow what you are doing, or you may end up deleting a system file. That is why this second method is not recommended.

    IV - I want to understand more

    My, you really are keen to understand! Never mind, here we'll go on to explain each of the lines that show up in HijackThis:
    R0, R1, R2, R3 – Internet Explorer's start page or its search engines
    If you recognise the address at the end of each line, fine; if not, tick it so you can remove it afterwards.
    F0, F1 – programs that open automatically, or .ini files
    F0 entries are always trouble, just remove them.
    F1 entries are very old programs, good for nothing, but it's fine to leave them.
    N1, N2, N3, N4 – these are like the R entries, but specific to Mozilla or Firefox
    O1 – these are the redirections in the hosts file
    This redirects your addresses to other addresses; you can fix these problems with CWShredder.
    O2 – browser helper programs
    These are the helper programs; if there is one that you did not add yourself, tick it.
    O3 – Internet Explorer toolbars
    These are the bars that get added (toolbars); if there's one you don't recognise, tick it.
    O4 – programs that start with your PC
    If there's a program here that starts up and HijackThis cannot turn it off, search Google for a tool to remove it, and until you find one, go to the Task Manager (Ctrl+Alt+Del) and kill it from there.
    O5 – programs that do not show up in the Control Panel
    Unless you hid it yourself so that it would not show, tick its box.
    O6 – if you cannot get into Internet Explorer's options
    If you cannot get in, tick the box for this line (unless your administrator is the one who removed your access).
    O7 – if you cannot get into regedit
    If you cannot get in, tick the box for this line (unless your administrator is the one who removed your access).
    O8 – what appears when you right-click in Internet Explorer
    If you don't recognise the names of those lines or where they came from, tick their box.
    O9 – extra buttons added to Internet Explorer
    If you don't know where those lines or those buttons came from, tick the box for that line.
    O10 – Winsock hijacking
    I don't know what that is :D but it is better to use Spybot to fix it, because HijackThis cannot fix it.
    O11 – extra lines added under Options > Advanced in Internet Explorer
    The only hijacker able to add its own lines is CommonName, so wherever you see CommonName, tick the box.
    O12 – IE plugins
    Most of the time these are fine.
    O13 – hijacking of IE's default prefix
    They are of no use; tick all the lines.
    O14 – hijacking of « Reset Web Settings »
    If the address there is not your Internet provider's, tick the box.
    O15 – unwanted sites in the Trusted Zone
    If there is a site here that you did not add yourself, tick the box for this line.
    O16 – programs downloaded with IE (or MSN)
    If you don't recognise the program, tick the box for that line.
    O17 – your domain has been hijacked
    If the domain is not your ISP's (such as Menara), tick the box for that line.
    O18 – protocol hijacking
    Few hijackers are able to hijack protocols; there are: 'cn' (CommonName), 'ayb' (Lop.com) and 'relatedlinks' (Huntbar). If you see a line containing one of these, tick that box.
    And it is better to use Spybot, which handles them well.
    O19 – change to the style sheet
    If your browser has become slow or popups have started appearing, tick the boxes on this line.
    O20 – O21 – O22 – registry => what starts up
    I can't tell you much about these, because I don't understand them well myself. The main thing is, don't tick their box unless you are sure.
    O23 – NT services
    These are programs running on the PC that do not belong to Microsoft. They may include viruses or a Trojan horse. HijackThis cannot repair these; it is better to look each program up on Google and get the tool for removing it.

    Done ticking? Then click on fix checked, and do not confirm until you are suuuuuuuuure, because if something that one of the PC's programs relies on gets deleted, that program will stop working for you. Aaaaaaaattention!

    V - Conclusion


    Finally, I want to tell you: anyone with a question can ask it in this topic, or copy and paste their log and post it, and we'll try to find a solution to all their problems.

    Go on, create your logs. You'll find some surprises, especially if you have no antivirus and/or anti-spyware.

    Thank you
    Thank you, thank you
    The days that go by
     
  2. zbougz

    thanks brother nounous for this tuto
    hijackthis is important, one should know it well
    I used to use it but I didn't know the stuff in part 4; I just looked at what was on the site and started stomping on things hhhh
    thanks brother :p
     
  3. sda3

    big belly, may God protect you and keep you, and keep us close by your side
    I'm really fond of this Hijackthis, it's well-bred and kind
    may He protect you once again :)
  4. Fanida

    [02c][45h] I didn't know this Hijackthis, and frankly I think you're the best so far: you explained it well, the images are clear, and on top of that no copy-paste, it's personal work, and I imagine it took a lot of time.

    bravo again, and may God give you health
     
  5. khouzouza

    is that all there is? :-(
     
  6. NoUnOuS

    ah, here is our first patient,
    a first analysis with hijackthis shows you have a lot of red crosses, we'll sort this out step by step
     
  7. khouzouza

    ok thanks, I'm waiting :)


    may God heal my PCcccccc [41h]
     
  8. NoUnOuS

    at first glance, the red crosses all revolve around My web search bar,
    it's a bar that adds itself to internet explorer and contains spyware, it may have been installed when you installed msgplus,
    anyway, follow these steps:
    1/ close all internet explorer windows
    2/ Start => Control Panel => Add/Remove Programs => look there for mywebsearch bar and uninstall it, then restart the PC, run a new scan with hijackthis and send the report
     
  9. khouzouza

    in Add/Remove I don't have anything called mywebsearch bar :confused:
    should I delete its file from program files?
     
  10. Saad.

    thanks for the tuto !!! only, regarding the second solution, people shouldn't start deleting things they don't know
     
  11. NoUnOuS

    something like:
    My Web Search
    My Way Speedbar
    Search Assistant - My Way
     
  12. khouzouza

    no, nooooooothing, there is no trace of that among the installed programs, but there is a mywebsearch folder in program files


    what do I doooooooo
    [01m]
     
  13. NoUnOuS

    did you install msgplus ??
     
  14. khouzouza

    yes, installed
     
  15. NoUnOuS

    ok, you're going to uninstall it COMPLETELY,
    restart the PC
    launch hijack this and tick these lines if they are still there:

    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL

    O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL

    O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S

    O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZJxdm150YYMA


    click on fix checked

    go to program files and delete the mywebsearch folder

    reinstall msgplus, but this time be careful: when it asks whether you want to install the sponsor, tell it no

    run another test with hijackthis and post it here
     
  16. khouzouza

    ok brother, thanks for the effort :)

    I'll post the test as soon as I finish
     
  17. khouzouza

    there we goooooooo, it works [28h]
     
  18. Pe|i

    Thanks NouNous for the tuto :)
     
  19. milouky

    thaaaaaanks for the tuto, it's well done
     
  20. zbougz

    here's what it gave me [21h]

    Code:
    Logfile of HijackThis v1.99.1
    Scan saved at 23:29:34, on 12/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\VM_STI.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
    C:\Documents and Settings\Administrateur.ORDI-XPSP2.000\Bureau\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
    O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
    O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (VC0305)
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O11 - Options group: [INTERNATIONAL] International*
    O15 - Trusted Zone: http://www.google.fr
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://najwafrance.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
    O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-us.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AEC5BEC4-946A-4F8F-8F2D-C86CAE40D4C8}: NameServer = 212.217.1.4 212.217.0.14
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
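
Added example, not part of the original thread and not code from HijackThis or hijackthis.de: a Python parser for the log format shown above. It groups entries by the codes explained in part IV of the tutorial, flags entries marked "(no file)" or "(file missing)", and compares a scan taken before a fix with the rescan, as in the fix, reboot, rescan exchange earlier in the thread. The sample log is assembled from lines quoted in this thread, and all function names are this example's own.

```python
import re

# Section labels abridged from part IV of the tutorial in this thread.
SECTIONS = {
    "R": "Internet Explorer start page / search engine",
    "F": "programs started automatically, or .ini files",
    "N": "like R, but for Mozilla/Firefox",
    "O1": "redirections in the hosts file",
    "O2": "browser helper programs",
    "O3": "Internet Explorer toolbars",
    "O4": "programs that start with the PC",
    "O8": "Internet Explorer right-click menu items",
    "O23": "NT services",
}

ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
HEADER_RE = re.compile(r"^(Platform|MSIE): (.+)$")


def section_label(code):
    """Label for an entry code: exact match first, then the letter family."""
    return SECTIONS.get(code, SECTIONS.get(code[0], "unlabelled here"))


def parse_log(text):
    """Split a HijackThis log into header fields, running processes and entries."""
    log = {"header": {}, "processes": [], "entries": []}
    in_processes = False
    for line in (raw.strip() for raw in text.splitlines()):
        entry = ENTRY_RE.match(line)
        header = HEADER_RE.match(line)
        if entry:
            in_processes = False
            code, body = entry.groups()
            log["entries"].append({
                "code": code,
                "body": body,
                "clsids": [c.upper() for c in CLSID_RE.findall(body)],
                # HijackThis appends these markers when the target file is absent.
                "orphaned": body.endswith(("(no file)", "(file missing)")),
            })
        elif line == "Running processes:":
            in_processes = True
        elif in_processes and line:
            log["processes"].append(line)
        elif line.startswith("Logfile of HijackThis "):
            log["header"]["version"] = line.split()[-1]
        elif line.startswith("Scan saved at "):
            log["header"]["saved"] = line[len("Scan saved at "):]
        elif header:
            log["header"][header.group(1)] = header.group(2)
    return log


def diff_scans(before, after):
    """Return (removed, added) entries between two parsed scans."""
    old = {(e["code"], e["body"]) for e in before["entries"]}
    new = {(e["code"], e["body"]) for e in after["entries"]}
    return sorted(old - new), sorted(new - old)


# Sample log assembled from lines quoted in this thread (not one real scan).
BEFORE = r"""Logfile of HijackThis v1.99.1
Scan saved at 23:29:34, on 12/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# Constructed "after" scan: the same log without the MyWebSearch entries.
AFTER = "\n".join(l for l in BEFORE.splitlines() if "mywebs" not in l.lower())

if __name__ == "__main__":
    scan = parse_log(BEFORE)
    for e in scan["entries"]:
        flag = "  <-- target file missing" if e["orphaned"] else ""
        print(f'{e["code"]:>3} [{section_label(e["code"])}] {e["body"]}{flag}')
    removed, added = diff_scans(scan, parse_log(AFTER))
    print("removed by the fix:", [code for code, _ in removed])
```
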
    
    
     
