Msn Connection Fermé

Question

Bonjour,

Voilà de cela 2jours, mon msn ne veux plus ce connecté.Il me dit que la connexion a window live  a échoué car le service est temporairement innacessible...Code d'erreur 80048820 Anyway.Jai fait quelque recherche sur le net, et rien a faire, msn marche bien sur mon autre ordi, donc je me dit que sa vien d'ici...J'ai passé mon ordi au peigne fin avec Spybot/avast/Avg/Malwarebytes, mais rien a faire, ca ne marche...Et aussi, en meme temps, j'ai commencé a avoir des erreur de certificat dans firefox/internet explorer donc je ne sais aps trop pourquoi.Voila mon rapport hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:46:38, on 2008-05-26
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.EXE
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
G:\WINDOWS\stsystra.exe
G:\Program Files\Microsoft IntelliPoint\ipoint.exe
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\WINDOWS\system32
etdde.exe
G:\PROGRA~1\AVG\AVG8\avgtray.exe
G:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
G:\Program Files\DAEMON Tools Lite\daemon.exe
G:\Program Files\Peer2Me\Peer2Me.exe
G:\WINDOWS\system32\ctfmon.exe
G:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
G:\Program Files\DU Meter\DUMeterSvc.exe
G:\Program Files\USB TV\EM28XX\BDARemote.exe
G:\Program Files\Orbitdownloader\orbitdm.exe
G:\Program Files\Hotspot Shield\bin\openvpnas.exe
G:\PROGRA~1\AVG\AVG8\avgam.exe
G:\PROGRA~1\AVG\AVG8\avgrsx.exe
G:\Program Files\Orbitdownloader\orbitnet.exe
G:\PROGRA~1\AVG\AVG8\avgnsx.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Java\jre6\bin\jqs.exe
D:\Jeux\Mapple story
pkcmsvc.exe
G:\Program Files\AVG\AVG8\avgcsrvx.exe
G:\WINDOWS\system32\PnkBstrA.exe
G:\WINDOWS\system32\svchost.exe
G:\PROGRA~1\AVG\AVG8\avgemc.exe
G:\Program Files\AVG\AVG8\avgcsrvx.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\uTorrent\uTorrent.exe
G:\Program Files\Mozilla Firefox\firefox.exe
G:\Program Files\Windows Live\Messenger\msnmsgr.exe
G:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 75.152.52.202 L2authd.lineage2.com
O1 - Hosts: 75.152.52.202 L2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - G:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - G:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - G:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - G:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Pluginseg\VeohToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - G:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - G:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [XboxStat] "G:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [StartCCC] "G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NBKeyScan] "G:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [IntelliPoint] "G:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] G:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] G:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "G:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [msnmsgr] "G:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Peer2Me] "G:\Program Files\Peer2Me\Peer2Me.exe"
O4 - HKCU\..\Run: [DU Meter] G:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ctfmon.exe] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Notifier] G:\Documents and Settings\Tockson1\Local Settings\Application Data\Notifieur\Notifieur.exe
O4 - HKCU\..\Run: [spdetector3] G:\Program Files\Spyware Process Detector\spd315.exe TRAY
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: hamachi.lnk = G:\Program Files\Hamachi\hamachi.exe
O4 - Global Startup: BDARemote.lnk = ?
O4 - Global Startup: Orbit.lnk = G:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://G:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://G:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://G:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://G:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - G:\Program Files\VisualRoute Lite Edition\vrie.dll
O9 - Extra 'Tools' menuitem: VisualRoute Trace - {04849C74-016E-4a43-8AA5-1F01DE57F4A1} - G:\Program Files\VisualRoute Lite Edition\vrie.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {10ECCE17-29B5-4880-A8F5-EAD298611484} (ReiEngine Class) - http://cdnrep.reimage.com/reix1219.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {597F9140-0DC6-4657-A162-76EC0E7AEE81} (ActiveBroadcast Control) - http://www.meetstream.com/activex/28081/activebroadcast.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {BFD90062-6B5E-4F8F-87B1-5F022C14E32F} (ActiveReceiver Control) - http://www.meetstream.com/activex/28081/activereceiver.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FA30EC32-668B-4B60-B13C-4C84EB90C3C9} (ActiveID Control) - http://www.meetstream.com/activex/28081/activeid.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - G:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - G:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: iifdbYOg - iifdbYOg.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - G:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - G:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - G:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Boonty Games - BOONTY - G:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - G:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - G:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - G:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - G:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - G:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - G:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - G:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - D:\Jeux\Mapple story
pkcmsvc.exe
O23 - Service: PnkBstrA - Unknown owner - G:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - G:\Program Files\WinPcappcapd.exe

Utilisateur anonyme · Answer

Bonsoir

Télécharge SmitfraudFix (de de S!Ri, balltrap34 et moe31) : http://www.geekstogo.com/forum/files/file/6-smitfraudfix/ 

- Enregistres-le sur le bureau 

- Double-clique sur SmitfraudFix.exe et choisis l'option 1 puis Entrée 

- Un rapport sera généré, poste-le dans ta prochaine réponse.

NB: SmitFraudFix utilise process.exe qui est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

^^Marie^^ · Answer

Salut

.MSN Code d'erreur 80048820

++

tockson · Answer

Bon la bonne nouvelle est que je suis cpable de me connecté via window web liver(ou qqchose comme ça, via le lien que marie ma donné...Mais pas sur window live messenger:P


Voila le rapport de smith

SmitFraudFix v2.382

Rapport fait à 15:24:04,98, 2008-05-26
Executé à partir de G:\Documents and Settings\Tockson1\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
G:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.EXE
G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
G:\WINDOWS\stsystra.exe
G:\Program Files\Microsoft IntelliPoint\ipoint.exe
G:\Program Files\HP\HP Software Update\HPWuSchd2.exe
G:\WINDOWS\system32
etdde.exe
G:\PROGRA~1\AVG\AVG8\avgtray.exe
G:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
G:\Program Files\DAEMON Tools Lite\daemon.exe
G:\Program Files\Peer2Me\Peer2Me.exe
G:\WINDOWS\system32\ctfmon.exe
G:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
G:\Program Files\DU Meter\DUMeterSvc.exe
G:\Program Files\USB TV\EM28XX\BDARemote.exe
G:\Program Files\Orbitdownloader\orbitdm.exe
G:\Program Files\Hotspot Shield\bin\openvpnas.exe
G:\PROGRA~1\AVG\AVG8\avgam.exe
G:\PROGRA~1\AVG\AVG8\avgrsx.exe
G:\Program Files\Orbitdownloader\orbitnet.exe
G:\PROGRA~1\AVG\AVG8\avgnsx.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Java\jre6\bin\jqs.exe
D:\Jeux\Mapple story
pkcmsvc.exe
G:\Program Files\AVG\AVG8\avgcsrvx.exe
G:\WINDOWS\system32\PnkBstrA.exe
G:\WINDOWS\system32\svchost.exe
G:\PROGRA~1\AVG\AVG8\avgemc.exe
G:\Program Files\AVG\AVG8\avgcsrvx.exe
G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
G:\Program Files\Alwil Software\Avast4\ashWebSv.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\uTorrent\uTorrent.exe
G:\Program Files\Mozilla Firefox\firefox.exe
G:\Program Files\Windows Live\Messenger\msnmsgr.exe
G:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\Rhon\RohanBotEn1.0.29c\Rohanbot.exe
G:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» G:\


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» G:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» G:\Documents and Settings\Tockson1


»»»»»»»»»»»»»»»»»»»»»»»» D:\TEMP


»»»»»»»»»»»»»»»»»»»»»»»» G:\Documents and Settings\Tockson1\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» G:\DOCUME~1\Tockson1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» G:\Program Files 


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
 

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="G:\WINDOWS\system32\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/100 VE Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.0.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{B62C3A42-7559-48F2-BA69-7CCEE31777C8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B62C3A42-7559-48F2-BA69-7CCEE31777C8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{B62C3A42-7559-48F2-BA69-7CCEE31777C8}: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

Msn Connection

3 réponses

Discussions similaires