Pop-up window

Solved
alex3796 -  
XaTon Posts 2160 Status Member -
Hello,
Is there any software against pop-up windows?

Thanks!

Alex.
Configuration: Windows XP
Firefox 3.5.2

17 replies

  1. XaTon Posts 2160 Status Member 208
     
    Hello,

    You're talking about pop-up windows

    Normally, you shouldn't get any...

    If windows keep popping up unexpectedly on the internet, you are probably infected
    0
  2. alex3796
     
    Yes, but sometimes there are advertising windows (it happens) that open behind our current window (if you see what I mean...)
    0
  3. XaTon Posts 2160 Status Member 208
     
    If you want us to check whether you are infected,

    Do this

    ~~~~~~~~~~~~~~~> Hijack This <~~~~~~~~~~~~~~~~~~~

    - Download Hijack
    >http://www.infos-du-net.com/telecharger/HijackThis.html

    Once Hijack is installed, run it:
    - Click on "Do a system scan and save a logfile"

    - A text file opens; if it does not, the file is in the same folder as hijackthis.exe.
    - Choose Edit / Select All
    - Right-click / Copy

    - Post me the whole report

    0
  5. alex3796
     
    But I'm not infected, I just formatted my computer a few weeks ago!
    I'm sure it does this on every computer!
    0
  6. XaTon Posts 2160 Status Member 208
     
    No

    Lol

    Are these sites safe or not?
    0
  7. alex3796
     
    OK, here it is, if you want:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:31:29, on 28/08/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\FixCamera.exe
    C:\WINDOWS\tsnpstd3.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
    C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Documents and Settings\Alexandre\Mes documents\Application\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.76.22.110:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
    O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    0
  8. XaTon Posts 2160 Status Member 208
     
    I think you are indeed infected

    Do this:

    ~~~~~~~~~~~~~~~~> Virustotal <~~~~~~~~~~~~~~~~~~~

    - Go to this site:

    > https://www.virustotal.com/gui/

    - Click Browse and look for this file: C:\WINDOWS\tsnpstd3.exe

    - Click Send File.

    - A report will be built line by line.

    - Wait until it finishes. It must include the size of the file sent.

    - Save the report with Notepad.

    - Copy it into your reply.

    - If VirusTotal says the file has already been analysed, click the "Re-analyse the file now" button.
    0
  9. alex3796
     
    Here you go

    Information additionnelle
    File size: 270336 bytes
    MD5 : 09b5359e63ef3202d22f2f60349e29fb
    SHA1 : 2f717fac698875e56ab0513f54394efdcd6040a1
    SHA256: 6e71fd8bcb5a8d6844f13e32420dba5b28118683992657b9803b306e6c766c8d
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0xCA50
    timedatestamp.....: 0x46296ABC (Sat Apr 21 03:37:00 2007)
    machinetype.......: 0x14C (Intel I386)

    ( 4 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .text 0x1000 0x24F9B 0x25000 6.60 9a2c52c4743fca24dc5ec60a8283e760
    .rdata 0x26000 0x96FE 0xA000 4.61 8ee0670a8953fb5aaf1157542ac0fa64
    .data 0x30000 0x8528 0x5000 2.25 088c33d0e2fc72be89257d228a4b3760
    .rsrc 0x39000 0xCE60 0xD000 5.33 a0bc0b3a525b1b410d65a817f550cab5

    ( 12 imports )


    ( 0 exports )
    TrID : File type identification
    Win32 Executable MS Visual C++ (generic) (53.1%)
    Windows Screen Saver (18.4%)
    Win32 Executable Generic (12.0%)
    Win32 Dynamic Link Library (generic) (10.6%)
    Generic Win/DOS Executable (2.8%)
    ThreatExpert: https://www.symantec.com?md5=09b5359e63ef3202d22f2f60349e29fb
    0
  10. XaTon Posts 2160 Status Member 208
     
    The main part of the report is missing
    0
  11. alex3796
     
    I'm reposting everything :D

    a-squared 4.5.0.24 2009.08.28 -
    AhnLab-V3 5.0.0.2 2009.08.27 -
    AntiVir 7.9.1.7 2009.08.28 -
    Antiy-AVL 2.0.3.7 2009.08.24 -
    Authentium 5.1.2.4 2009.08.28 -
    Avast 4.8.1335.0 2009.08.27 -
    AVG 8.5.0.406 2009.08.27 -
    BitDefender 7.2 2009.08.28 -
    CAT-QuickHeal 10.00 2009.08.27 -
    ClamAV 0.94.1 2009.08.28 -
    Comodo 2116 2009.08.28 -
    DrWeb 5.0.0.12182 2009.08.28 -
    eSafe 7.0.17.0 2009.08.27 -
    eTrust-Vet 31.6.6705 2009.08.27 -
    F-Prot 4.5.1.85 2009.08.27 -
    F-Secure 8.0.14470.0 2009.08.28 -
    Fortinet 3.120.0.0 2009.08.28 -
    GData 19 2009.08.28 -
    Ikarus T3.1.1.68.0 2009.08.28 -
    Jiangmin 11.0.800 2009.08.28 -
    K7AntiVirus 7.10.829 2009.08.27 -
    Kaspersky 7.0.0.125 2009.08.28 -
    McAfee 5722 2009.08.27 -
    McAfee+Artemis 5722 2009.08.27 -
    McAfee-GW-Edition 6.8.5 2009.08.28 -
    Microsoft 1.5005 2009.08.28 -
    NOD32 4375 2009.08.28 -
    Norman 2009.08.27 -
    nProtect 2009.1.8.0 2009.08.27 -
    Panda 10.0.2.2 2009.08.28 -
    PCTools 4.4.2.0 2009.08.27 -
    Prevx 3.0 2009.08.28 -
    Rising 21.44.11.00 2009.08.25 -
    Sophos 4.45.0 2009.08.28 -
    Sunbelt 3.2.1858.2 2009.08.27 -
    Symantec 1.4.4.12 2009.08.28 -
    TheHacker 6.3.4.3.389 2009.08.27 -
    TrendMicro 8.950.0.1094 2009.08.28 -
    VBA32 3.12.10.10 2009.08.28 -
    ViRobot 2009.8.28.1906 2009.08.28 -
    VirusBuster 4.6.5.0 2009.08.28 -
    Information additionnelle
    File size: 270336 bytes
    MD5...: 09b5359e63ef3202d22f2f60349e29fb
    SHA1..: 2f717fac698875e56ab0513f54394efdcd6040a1
    SHA256: 6e71fd8bcb5a8d6844f13e32420dba5b28118683992657b9803b306e6c766c8d
    ssdeep: 3072:6qKYVaQzwF/e7iWeeKfI2xQZEqUgq4YsBrx4ena4vQp98+v0/tocDJSM76K
    FAd:Q7eKfgEL4YsBr3ip9SUMeT
    PEiD..: -
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0xca50
    timedatestamp.....: 0x46296abc (Sat Apr 21 01:37:00 2007)
    machinetype.......: 0x14c (I386)

    ( 4 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .text 0x1000 0x24f9b 0x25000 6.60 9a2c52c4743fca24dc5ec60a8283e760
    .rdata 0x26000 0x96fe 0xa000 4.61 8ee0670a8953fb5aaf1157542ac0fa64
    .data 0x30000 0x8528 0x5000 2.25 088c33d0e2fc72be89257d228a4b3760
    .rsrc 0x39000 0xce60 0xd000 5.33 a0bc0b3a525b1b410d65a817f550cab5

    ( 12 imports )

    ( 0 exports )
    RDS...: NSRL Reference Data Set
    -
    pdfid.: -
    trid..: Win32 Executable MS Visual C++ (generic) (53.1%)
    Windows Screen Saver (18.4%)
    Win32 Executable Generic (12.0%)
    Win32 Dynamic Link Library (generic) (10.6%)
    Generic Win/DOS Executable (2.8%)
    ThreatExpert info: https://www.symantec.com?md5=09b5359e63ef3202d22f2f60349e29fb
    0
  12. XaTon Posts 2160 Status Member 208
     
    Tick this line, and click on Fix checked

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 

    0
  13. XaTon Posts 2160 Status Member 208
     
    I didn't find anything else...

    Do another Hijack log
    0
  14. alex3796
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:14:23, on 28/08/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\FixCamera.exe
    C:\WINDOWS\tsnpstd3.exe
    C:\WINDOWS\vsnpstd3.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
    C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe
    C:\Documents and Settings\Alexandre\Mes documents\Application\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.76.22.110:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
    O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
    O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
    O4 - Global Startup: WiFi Station N.lnk = C:\Program Files\Hercules\WiFi Station N\WiFiN.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    0
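The check behind the last two steps of this exchange (fix the `(no file)` BHO line, then post a fresh log), as an added example that is not part of the original thread or of HijackThis: it parses the `Rn`/`On` entry lines, lists entries whose target file is reported absent, and diffs the log taken before the fix against the one taken after. The function names and the shortened sample logs are constructed for illustration.

```python
import re

# Constructed sample: five entry lines in the format of the first HijackThis
# log posted in this thread, shortened so the example runs offline.
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O23 - Service: HerculesWiFi - Unknown owner - C:\WINDOWS\system32\HerculesWiFiService.exe (file missing)
"""

# The line the helper asked to tick before clicking "Fix checked".
TARGET = "O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)"

# Constructed "after" log: the same entries with the fixed line gone.
AFTER = "\n".join(l for l in BEFORE.splitlines() if l.strip() != TARGET)

# An entry line is "<section code> - <detail>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the referenced file is not on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_entries(log_text):
    """Return [(section, detail)] for each entry line; headers and the
    running-process list do not match the pattern and are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def orphaned(entries):
    """Entries that still point at a file HijackThis could not find."""
    return [(s, d) for s, d in entries if d.lower().endswith(ORPHAN_MARKERS)]


def clsid(detail):
    """Upper-cased CLSID of a BHO/toolbar/button entry, or None."""
    m = CLSID_RE.search(detail)
    return m.group(0).upper() if m else None


def diff_logs(before_text, after_text):
    """Return (removed, added) entries between two logs."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    removed = [e for e in before if e not in after]
    added = [e for e in after if e not in before]
    return removed, added


def fix_applied(target_line, before_text, after_text):
    """True when the targeted entry was in the first log and is gone from the second."""
    parsed = parse_entries(target_line)
    if len(parsed) != 1:
        raise ValueError("target_line must be exactly one HijackThis entry")
    target = parsed[0]
    return target in parse_entries(before_text) and target not in parse_entries(after_text)


if __name__ == "__main__":
    for section, detail in orphaned(parse_entries(BEFORE)):
        print("orphaned before fix:", section, clsid(detail), detail)
    removed, added = diff_logs(BEFORE, AFTER)
    print("removed:", removed)
    print("added:", added)
    print("fix applied:", fix_applied(TARGET, BEFORE, AFTER))
```

An entry flagged by `orphaned` only means the referenced file is absent; it says nothing about whether the entry was malicious.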
  15. alex3796
     
    I had already tried, but I'll try it again, thanks for your precious help!

    See you soon!
    0
  16. XaTon Posts 2160 Status Member 208
     
    You're welcome

    See you
    0