Je suis rempli d espion ou de troyens
benjamin66
Messages postés
22
Statut
Membre
-
Kristopher Messages postés 3752 Statut Contributeur -
Kristopher Messages postés 3752 Statut Contributeur -
bonjour voila je suis rempli d espion ou de troyens adware mais hijackthis me detect pas grand chose apparament d apres ce qu on ma dit mais cool webshreder men trouve beauboup plus je vous en voi quand mon log hijackthis pour linstant
Logfile of HijackThis v1.99.1
Scan saved at 10:58:50, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\a-squared\a2start.exe
C:\Program Files\a-squared\a2scan.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
sinon je sais que toute ma base de registre est infectée tout comme mon bios d aprés spybot merci de votre aide
Logfile of HijackThis v1.99.1
Scan saved at 10:58:50, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\a-squared\a2start.exe
C:\Program Files\a-squared\a2scan.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
sinon je sais que toute ma base de registre est infectée tout comme mon bios d aprés spybot merci de votre aide
A voir également:
- Je suis rempli d espion ou de troyens
- Document rempli - Guide
- Camera espion salle de bain - Accueil - Confidentialité
- Copiez l'image dans un logiciel d'édition d'images ou un outil en ligne comme js paint ou pixlr e. remplissez les cases en suivant le code couleur. des cases supplémentaires vont se remplir automatiquement. que représente le dessin ? - Forum Graphisme
- Comment detecter un gps espion - Accueil - Confidentialité
- Coeur pas rempli ✓ - Forum Facebook
34 réponses
Salut
<<perso c est pas pour embeter mais je pense que spybot nous a trouvé la totale >>
Non pas vraiment. N'essai pas de comprendre pour l'instant et fais juste ce que Marie t'a demandé au post num 19.
mais fait le avec rigueur et point part point
<<perso c est pas pour embeter mais je pense que spybot nous a trouvé la totale >>
Non pas vraiment. N'essai pas de comprendre pour l'instant et fais juste ce que Marie t'a demandé au post num 19.
mais fait le avec rigueur et point part point
Colle le rapport,
http://www.hijackthis.de/downloads/hijackthis_199.zip
Le dézipper dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < c : ! (Cela permet des back up en cas de mauvaises suppressions)
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
L’exécuter puis sur "do a system scan and save logfile" (cf. démo)
faire un copier coller du log entier sur le forum
http://www.hijackthis.de/downloads/hijackthis_199.zip
Le dézipper dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < c : ! (Cela permet des back up en cas de mauvaises suppressions)
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
L’exécuter puis sur "do a system scan and save logfile" (cf. démo)
faire un copier coller du log entier sur le forum
Logfile of HijackThis v1.99.1
Scan saved at 19:07:59, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe
C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [CleanUp!] C:\PROGRA~1\CleanUp!\cleanup.exe /WindowsRestart
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Scan saved at 19:07:59, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe
C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [CleanUp!] C:\PROGRA~1\CleanUp!\cleanup.exe /WindowsRestart
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
il ma trouvé que ca
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 19:17:13, 07/04/2006
+ Somme de contrôle: 8C51BA15
+ Résultats du scan:
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
::Fin du rapport
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 19:17:13, 07/04/2006
+ Somme de contrôle: 8C51BA15
+ Résultats du scan:
C:\Documents and Settings\Propriétaire\Cookies\propriétaire@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyer et sauvegarder
::Fin du rapport
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Re benjamin66 ;)
Fini la rigolade, passons aux choses sérieuse.
Tu as ZoneAlarm comme firewall, c'est bien ça ?
~~ Fais ceci dans l'ordre ~~
1/ Désinstalle absolument WinAntiVirus Pro 2006 via le Panneau de configuration, en passant par Ajout/Suppression de programmes.
C'est en effet un faux utilitaire de sécurité, qui ne porte qu'un nom d'antivirus...
2/ Lance HijackThis, puis -> Do a system scan only et
coche ces lignes (si toujours présentes) :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
Ensuite, clique sur "Fix checked".
3/ Clique sur "démarrer" -> "Exécuter "et tape : services.msc et cherche dans la liste ces lignes puis règle les sur "Désactivé" :
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
4/ Télécharge un vrai antivirus, je te conseille Avast! :
https://www.avast.com/fr-fr/index
Tutorial là :
https://forums.cnetfrance.fr
Et effectue un scan complet de ton PC.
5/ Passe un coup de SpyBot - Search & Destroy et nettoie tout + vaccine le PC.
6/ Scanne ton PC avec cet antivirus en ligne :
https://www.bitdefender.com/toolbox/
Clique sur "I Agree" et scanne tout le PC.
Pense à accepter l'ActiveX bloqué par la barre anti-popup du SP2 (elle clignotera en haut).
Copie/colle le rapport sur le forum.
7/ Remets un nouveau log HijackThis stp.
À Toi de jouer !
Bonne chance ^^
Fini la rigolade, passons aux choses sérieuse.
Tu as ZoneAlarm comme firewall, c'est bien ça ?
~~ Fais ceci dans l'ordre ~~
1/ Désinstalle absolument WinAntiVirus Pro 2006 via le Panneau de configuration, en passant par Ajout/Suppression de programmes.
C'est en effet un faux utilitaire de sécurité, qui ne porte qu'un nom d'antivirus...
2/ Lance HijackThis, puis -> Do a system scan only et
coche ces lignes (si toujours présentes) :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O10 - Unknown file in Winsock LSP: c:\program files\winantivirus pro 2006\mailscan.dll
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
Ensuite, clique sur "Fix checked".
3/ Clique sur "démarrer" -> "Exécuter "et tape : services.msc et cherche dans la liste ces lignes puis règle les sur "Désactivé" :
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Program Files\WinAntiVirus Pro 2006\FWSvc.exe
4/ Télécharge un vrai antivirus, je te conseille Avast! :
https://www.avast.com/fr-fr/index
Tutorial là :
https://forums.cnetfrance.fr
Et effectue un scan complet de ton PC.
5/ Passe un coup de SpyBot - Search & Destroy et nettoie tout + vaccine le PC.
6/ Scanne ton PC avec cet antivirus en ligne :
https://www.bitdefender.com/toolbox/
Clique sur "I Agree" et scanne tout le PC.
Pense à accepter l'ActiveX bloqué par la barre anti-popup du SP2 (elle clignotera en haut).
Copie/colle le rapport sur le forum.
7/ Remets un nouveau log HijackThis stp.
À Toi de jouer !
Bonne chance ^^
spybot ma trouvé pas mal de chose sur mon ancien antivirus meme dans son pare feu bref sinon bitdefender ma rien trouvé
voici le log
Logfile of HijackThis v1.99.1
Scan saved at 22:09:12, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [CleanUp!] C:\Program Files\CleanUp!\Cleanup.exe /WindowsRestart
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.1 80.10.246.132
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
voici le log
Logfile of HijackThis v1.99.1
Scan saved at 22:09:12, on 07/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [CleanUp!] C:\Program Files\CleanUp!\Cleanup.exe /WindowsRestart
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.1 80.10.246.132
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
par contre il y a un truc qui m enerve je plus installer mon jeu counter strike et desinstaller l anti spyware pest patrol il y a a chaque fois un message d erreur
oui logique j ai tout fais et la peut etre que ca va vous aider mais ca fais 4 fois que mon systeme s eteint au bout de 60 seconde avec ca t autorité\systeme c est sasser non? car avan de faire la mise a jour j avais tout les sasser tout les blaster les zotob les nachi pli d autres truc dans les failles de securités mais la normalement il devraient tous partis car panda me les detecte plus
Bonjour,
Fais à la lettre ce que kris te demande.
2/ Lance HijackThis, puis -> Do a system scan only et
coche ces lignes
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
Ensuite, clique sur "Fix checked".
Remets un nouveau log HijackThis stp.
A++
Fais à la lettre ce que kris te demande.
2/ Lance HijackThis, puis -> Do a system scan only et
coche ces lignes
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
Ensuite, clique sur "Fix checked".
Remets un nouveau log HijackThis stp.
A++
ca veut pas partir ce que tu me dit de cliquer sur fix checked bref le log c est :
Logfile of HijackThis v1.99.1
Scan saved at 11:55:15, on 08/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [CleanUp!] C:\Program Files\CleanUp!\Cleanup.exe /WindowsRestart
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: a-squared Anti-Spam Service (A2AntiSpamService) - Unknown owner - C:\Program Files\a-squared Anti-Spam\A2AntiSpamSrv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Logfile of HijackThis v1.99.1
Scan saved at 11:55:15, on 08/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spnpinst.exe
C:\WINDOWS\system32\Sysocmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [CleanUp!] C:\Program Files\CleanUp!\Cleanup.exe /WindowsRestart
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0BD981B-DC06-4912-BB1C-327A9C6F9516}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: a-squared Anti-Spam Service (A2AntiSpamService) - Unknown owner - C:\Program Files\a-squared Anti-Spam\A2AntiSpamSrv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
il me detecte ca regcleaner
RegCleaner 4.3 by Jouni Vuorio
Shell Extensions of different kinds of file types. You can delete all of the file types that you don't need
[syntax: Extension, Command, Program ]
CERFile, Add, Rundll32.exe
CRLFile, Add, Rundll32.exe
P7RFile, Add, Rundll32.exe
PFXFile, Add, Rundll32.exe
SPCFile, Add, Rundll32.exe
STLFile, Add, Rundll32.exe
MSCFile, Author, %SystemRoot%\system32\Mmc.exe
MMJB.BURN, Burn, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmfwlaunch.exe
WMP.BurnCD, Burn, C:\Program Files\Windows Media Player\Wmplayer.exe
scrfile, Config, Unknown
RDP.File, Connect, Mstsc.exe
rnkfile, Connect, %SystemRoot%\system32\Rasphone.exe
cplfile, Cplopen, Rundll32.exe
rnkfile, Disconnect, %SystemRoot%\system32\Rasphone.exe
batfile, Edit, %SystemRoot%\System32\Notepad.exe
ChannelFile, Edit, Notepad.exe
cmdfile, Edit, %SystemRoot%\System32\Notepad.exe
JSEFile, Edit, %SystemRoot%\System32\Notepad.exe
JSFile, Edit, %SystemRoot%\System32\Notepad.exe
Paint.Picture, Edit, %systemroot%\system32\Mspaint.exe
PBrush, Edit, %systemroot%\system32\Mspaint.exe
Python.File, Edit, C:\Python22\lib\site-packages\Pythonwin\Pythonwin.exe
Python.NoConFile, Edit, C:\Python22\lib\site-packages\Pythonwin\Pythonwin.exe
RDP.File, Edit, Mstsc.exe
regfile, Edit, %SystemRoot%\system32\Notepad.exe
VBEFile, Edit, %SystemRoot%\System32\Notepad.exe
VBSFile, Edit, %SystemRoot%\System32\Notepad.exe
WSFFile, Edit, %SystemRoot%\System32\Notepad.exe
rnkfile, Edit Connection Properties, %SystemRoot%\system32\Rasphone.exe
Python.File, Edit With IDLE, C:\Python22\pythonw.exe C:\Python22\Tools\idle\Idle.pyw
Python.NoConFile, Edit With IDLE, C:\Python22\pythonw.exe C:\Python22\Tools\idle\Idle.pyw
ChannelFile, Explore, Explorer
Folder, Explore, %SystemRoot%\Explorer.exe
Shell, Explore, %SystemRoot%\Explorer.exe
Directory, Find, %SystemRoot%\Explorer.exe
CompressedFolder, Find, C:\WINDOWS\Explorer.exe
Directory, Find, %SystemRoot%\Explorer.exe
Drive, Find, %SystemRoot%\Explorer.exe
scriptletfile, Generate Typelib, C:\WINDOWS\system32\Rundll32.exe
inffile, Install, %SystemRoot%\System32\Rundll32.exe
MMJB.MMZ, Install, C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Ti.exe
scrfile, Install, Rundll32.exe
AcroExch.Document, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.FDFDoc, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.RMFFile, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.XFDFDoc, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
acwfile, Open, %SystemRoot%\system32\Accwiz.exe
Adobe.SVGCtl, Open, C:\Program Files\Internet Explorer\Iexplore.exe
AIFFFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
ASFFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
aswcsfile, Open, C:\Program Files\Alwil Software\Avast4\AshSimpl.exe
aswsfile, Open, C:\Program Files\Alwil Software\Avast4\AshSimpl.exe
ASXFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
AUFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
AVIFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
batfile, Open, Unknown
Briefcase, Open, Explorer.exe
CATFile, Open, Rundll32.exe
cclaunch, Open, C:\Program Files\CCleaner\Ccleaner.exe
cdafile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
CERFile, Open, Rundll32.exe
CertificateStoreFile, Open, Rundll32.exe
certificate_wab_auto_file, Open, C:\Program Files\Outlook Express\Wab.exe
ChannelFile, Open, Explorer
CHROME, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
clpfile, Open, Clipbrd.exe
cmdfile, Open, Unknown
comfile, Open, Unknown
CompressedFolder, Open, Rundll32.exe
ConferenceLink, Open, Rundll32.exe
CRLFile, Open, Rundll32.exe
data-file, Open, C:\WINDOWS\Notepad.exe
DocShortcut, Open, rundll32 %SystemRoot%\System32\Shscrap.dll
dunfile, Open, %SystemRoot%\system32\RUNDLL32.EXE
emffile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
exefile, Open, Unknown
FirefoxHTML, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
fndfile, Open, %SystemRoot%\Explorer.exe
Folder, Open, %SystemRoot%\Explorer.exe
fonfile, Open, %SystemRoot%\System32\Fontview.exe
ftp, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
giffile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
gopher, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
h323file, Open, Rundll32.exe
HCP, Open, %SystemRoot%\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe
helpfile, Open, Winhlp32.exe
hlpfile, Open, %SystemRoot%\System32\Winhlp32.exe
hpq_shortcut1, Open, c:\hp\DtIcons\Shortcut.exe
hpq_shortcut2, Open, c:\hp\DtIcons\Shortcut.exe
htafile, Open, C:\WINDOWS\System32\Mshta.exe
htfile, Open, C:\Program Files\Windows NT\Hypertrm.exe
htmlfile, Open, C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
HTTP, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
https, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
iiifile, Open, Rundll32.exe
inffile, Open, %SystemRoot%\System32\Notepad.exe
inifile, Open, %SystemRoot%\System32\Notepad.exe
InternetShortcut, Open, Rundll32.exe
ITS FILE, Open, C:\Program Files\Internet Explorer\Iexplore.exe
jarfile, Open, C:\Program Files\Java\j2re1.4.1_02\bin\Javaw.exe
JNLPFile, Open, C:\Program Files\Java Web Start\Javaws.exe
jpegfile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
JSEFile, Open, %SystemRoot%\System32\WScript.exe
JSFile, Open, %SystemRoot%\System32\WScript.exe
LDAP, Open, C:\Program Files\Outlook Express\Wab.exe
m3ufile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
mailto, Open, %ProgramFiles%\Outlook Express\Msimn.exe
mhtmlfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
Microsoft Internet Mail Message, Open, %ProgramFiles%\Outlook Express\Msimn.exe
Microsoft Internet News Message, Open, %ProgramFiles%\Outlook Express\Msimn.exe
MIDFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MITrain.Document, Open, C:\WINDOWS\Help\SBSI\Training\ORUN32.EXE
MMJB.AUDIOCD, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.BPP, Open, C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Mmfwlaunch.exe
MMJB.M3U, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MMJB, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MMZ, Open, C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Ti.exe
MMJB.MP3, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.PLS, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WAV, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WMA, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMS, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MMST, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MMSU, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
mp3file, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
mpegfile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MPlayer, Open, Mplay32.exe
MSBD, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MSCFile, Open, %SystemRoot%\system32\Mmc.exe
MSDASC, Open, Rundll32.exe C:\PROGRA~1\FICHIE~1\System\OLEDB~1\Oledb32.dll
Msi.Package, Open, %SystemRoot%\System32\Msiexec.exe
Msi.Patch, Open, %SystemRoot%\System32\Msiexec.exe
MSInfo.Document, Open, C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\MSInfo32.exe
MSProgramGroup, Open, C:\WINDOWS\system32\Grpconv.exe
MsRcIncident, Open, %SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe -Mode "hcp://system/Remote%%20Assistance/RAClientLayout.xml" -url "hcp:
msstylesfile, Open, %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,Control_RunDLL %SystemRoot%\system32\desk.cpl desk,@Appearance /Action:OpenMSTheme /file:
news, Open, %ProgramFiles%\Outlook Express\Msimn.exe
nntp, Open, %ProgramFiles%\Outlook Express\Msimn.exe
otffile, Open, %SystemRoot%\System32\Fontview.exe
P7RFile, Open, Rundll32.exe
P7SFile, Open, Rundll32.exe
Page de garde, Open, %systemroot%\system32\Fxscover.exe
Paint.Picture, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
pbkfile, Open, %SystemRoot%\system32\Rasphone.exe
PDXFileType, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
PerfFile, Open, %SystemRoot%\system32\Perfmon.exe
pfmfile, Open, %SystemRoot%\System32\Fontview.exe
piffile, Open, Unknown
pjpegfile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
pngfile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
prffile, Open, Rundll32.exe
Python.CompiledFile, Open, C:\Python22\Python.exe
Python.File, Open, C:\Python22\Python.exe
Python.NoConFile, Open, C:\Python22\Pythonw.exe
ratfile, Open, Rundll32.exe
regedit, Open, Regedit.exe
regfile, Open, Regedit.exe
rlogin, Open, Rundll32.exe
rtffile, Open, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
SavedDsQuery, Open, rundll32 %SystemRoot%\System32\Dsquery.dll
sbzFile, Open, C:\Program Files\ArcSoft\ShowBiz 2\Showbiz.exe
scrfile, Open, Unknown
scriptletfile, Open, C:\WINDOWS\Notepad.exe
SHCmdFile, Open, Explorer.exe
Shell, Open, %SystemRoot%\Explorer.exe
Shell.AutoplayForSlideShow.1, Open, Unknown
ShellScrap, Open, rundll32 %SystemRoot%\system32\Shscrap.dll
snews, Open, %ProgramFiles%\Outlook Express\Msimn.exe
SoundRec, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
SPCFile, Open, Rundll32.exe
SpybotSD.DisabledFile, Open, C:\Program Files\Spybot - Search & Destroy\Blindman.exe
SpybotSD.SBEFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.SBIFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.SBSFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.TInfoFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.UTIFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.UTSFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
STLFile, Open, Rundll32.exe
T126_Whiteboard, Open, C:\Program Files\NetMeeting\Wb32.exe
telnet, Open, Rundll32.exe
themefile, Open, %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,Control_RunDLL %SystemRoot%\system32\desk.cpl desk,@Themes /Action:OpenTheme /file:
TIFImage.Document, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
tn3270, Open, Rundll32.exe
ttcfile, Open, %SystemRoot%\System32\Fontview.exe
ttffile, Open, %SystemRoot%\System32\Fontview.exe
txtfile, Open, %SystemRoot%\system32\Notepad.exe
ulsfile, Open, Rundll32.exe
Valve.Source, Open, c:\program files\steam\steamapps\benji665\counter-strike source\Hl2.exe
VBEFile, Open, %SystemRoot%\System32\WScript.exe
VBSFile, Open, %SystemRoot%\System32\WScript.exe
vcard_wab_auto_file, Open, C:\Program Files\Outlook Express\Wab.exe
vtxfile, Open, C:\PROGRA~1\Wanadoo\Minftnet.exe
wab_auto_file, Open, C:\Program Files\Outlook Express\Wab.exe
WAXFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
webpnpFile, Open, %SystemRoot%\system32\Wpnpinst.exe
Whiteboard, Open, C:\Program Files\NetMeeting\Wb32.exe
WIA.AutoplayDropHandler.1, Open, Unknown
Windows.Movie.Maker, Open, C:\Program Files\Movie Maker\Moviemk.exe
WinRAR, Open, C:\Program Files\WinRAR\WinRAR.exe
WinRAR.REV, Open, C:\Program Files\WinRAR\WinRAR.exe
WinRAR.ZIP, Open, C:\Program Files\WinRAR\WinRAR.exe
wmafile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMDFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
wmffile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
WMP.DVR-MSFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMSFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMVFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMZFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
Wordpad.Document.1, Open, %ProgramFiles%\Windows NT\Accessoires\Wordpad.exe
WPLFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
wrifile, Open, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
WSFFile, Open, %SystemRoot%\System32\WScript.exe
WSHFile, Open, %SystemRoot%\System32\WScript.exe
WVXFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
x-internet-signup, Open, %ProgramFiles%\Internet Explorer\Connection Wizard\Isignup.exe
xbmfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
xmlfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
xslfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
ZAMailSafe, Open, C:\Program Files\Zone Labs\ZoneAlarm\Zlclient.exe
zapfile, Open, %SystemRoot%\system32\Notepad.exe
JSEFile, Open2, %SystemRoot%\System32\CScript.exe
JSFile, Open2, %SystemRoot%\System32\CScript.exe
VBEFile, Open2, %SystemRoot%\System32\CScript.exe
VBSFile, Open2, %SystemRoot%\System32\CScript.exe
WSFFile, Open2, %SystemRoot%\System32\CScript.exe
WSHFile, Open2, %SystemRoot%\System32\CScript.exe
Unknown, Openas, %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\Shell32.dll
ChannelFile, OpenChannel, Rundll32
ChannelShortcut, OpenChannel, Rundll32
mhtmlfile, Opennew, C:\Program Files\Internet Explorer\Iexplore.exe
All Files, OpenWithList, %SystemRoot%\Explorer.exe
AIFFFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
ASFFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
ASXFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
AudioCD, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
AUFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
AVIFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
cdafile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
DVD, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
HpqUnApl.Autoplay, Play, Unknown
m3ufile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
MIDFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
MMJB.AUDIOCD, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.CDA, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.M3U, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MMJB, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MP3, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.PLS, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WAV, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WMA, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
mp3file, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
mpegfile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
SoundRec, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WAVAutoPlay.AVAutoPlay, Play, Unknown
WAXFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
wmafile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.AudioCD, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.DVD, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.DVR-MSFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.PlayMedia, Play, Lecture
WMVFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WPLFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WVXFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
AcroExch.Document, Print, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.FDFDoc, Print, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.XFDFDoc, Print, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
batfile, Print, %SystemRoot%\System32\NOTEPAD.EXE
cmdfile, Print, %SystemRoot%\System32\NOTEPAD.EXE
fonfile, Print, %SystemRoot%\System32\Fontview.exe
htmlfile, Print, rundll32.exe %SystemRoot%\System32\Mshtml.dll
inffile, Print, %SystemRoot%\System32\NOTEPAD.EXE
inifile, Print, %SystemRoot%\System32\NOTEPAD.EXE
InternetShortcut, Print, rundll32.exe %SystemRoot%\System32\Mshtml.dll
JSEFile, Print, %SystemRoot%\System32\Notepad.exe
JSFile, Print, %SystemRoot%\System32\Notepad.exe
MSInfo.Document, Print, C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\MSInfo32.exe
otffile, Print, %SystemRoot%\System32\Fontview.exe
Page de garde, Print, %systemroot%\system32\Fxscover.exe
PBrush, Print, %systemroot%\system32\Mspaint.exe
pfmfile, Print, %SystemRoot%\System32\Fontview.exe
regfile, Print, %SystemRoot%\system32\NOTEPAD.EXE
rtffile, Print, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
ttcfile, Print, %SystemRoot%\System32\Fontview.exe
ttffile, Print, %SystemRoot%\System32\Fontview.exe
txtfile, Print, %SystemRoot%\system32\NOTEPAD.EXE
VBEFile, Print, %SystemRoot%\System32\Notepad.exe
VBSFile, Print, %SystemRoot%\System32\Notepad.exe
Wordpad.Document.1, Print, %ProgramFiles%\Windows NT\Accessoires\Wordpad.exe
wrifile, Print, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
WSFFile, Print, %SystemRoot%\System32\Notepad.exe
zapfile, Print, %SystemRoot%\system32\NOTEPAD.EXE
AcroExch.Document, Printto, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.FDFDoc, Printto, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.XFDFDoc, Printto, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
emffile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
giffile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
htmlfile, Printto, rundll32.exe %SystemRoot%\System32\Mshtml.dll
InternetShortcut, Printto, rundll32.exe %SystemRoot%\System32\Mshtml.dll
jpegfile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
Paint.Picture, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
PBrush, Printto, %systemroot%\system32\Mspaint.exe
pjpegfile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
pngfile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
rtffile, Printto, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
TIFImage.Document, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
txtfile, Printto, %SystemRoot%\system32\Notepad.exe
wmffile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
Wordpad.Document.1, Printto, %ProgramFiles%\Windows NT\Accessoires\Wordpad.exe
wrifile, Printto, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
zapfile, Printto, %SystemRoot%\system32\Notepad.exe
SoundRec, Record, Sndrec32.exe
scriptletfile, Register, C:\WINDOWS\system32\Regsvr32.exe
Msi.Package, Repair, %SystemRoot%\System32\Msiexec.exe
WMP.RipCD, Rip, C:\Program Files\Windows Media Player\Wmplayer.exe
cplfile, Runas, Rundll32.exe
exefile, Runas, Unknown
MSCFile, RunAs, %SystemRoot%\system32\Mmc.exe
All Files, Shellex,
ChannelFile, Subscribe, Rundll32
Msi.Package, Uninstall, %SystemRoot%\System32\Msiexec.exe
scriptletfile, Unregister, C:\WINDOWS\system32\Regsvr32.exe
RegCleaner 4.3 by Jouni Vuorio
Shell Extensions of different kinds of file types. You can delete all of the file types that you don't need
[syntax: Extension, Command, Program ]
CERFile, Add, Rundll32.exe
CRLFile, Add, Rundll32.exe
P7RFile, Add, Rundll32.exe
PFXFile, Add, Rundll32.exe
SPCFile, Add, Rundll32.exe
STLFile, Add, Rundll32.exe
MSCFile, Author, %SystemRoot%\system32\Mmc.exe
MMJB.BURN, Burn, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmfwlaunch.exe
WMP.BurnCD, Burn, C:\Program Files\Windows Media Player\Wmplayer.exe
scrfile, Config, Unknown
RDP.File, Connect, Mstsc.exe
rnkfile, Connect, %SystemRoot%\system32\Rasphone.exe
cplfile, Cplopen, Rundll32.exe
rnkfile, Disconnect, %SystemRoot%\system32\Rasphone.exe
batfile, Edit, %SystemRoot%\System32\Notepad.exe
ChannelFile, Edit, Notepad.exe
cmdfile, Edit, %SystemRoot%\System32\Notepad.exe
JSEFile, Edit, %SystemRoot%\System32\Notepad.exe
JSFile, Edit, %SystemRoot%\System32\Notepad.exe
Paint.Picture, Edit, %systemroot%\system32\Mspaint.exe
PBrush, Edit, %systemroot%\system32\Mspaint.exe
Python.File, Edit, C:\Python22\lib\site-packages\Pythonwin\Pythonwin.exe
Python.NoConFile, Edit, C:\Python22\lib\site-packages\Pythonwin\Pythonwin.exe
RDP.File, Edit, Mstsc.exe
regfile, Edit, %SystemRoot%\system32\Notepad.exe
VBEFile, Edit, %SystemRoot%\System32\Notepad.exe
VBSFile, Edit, %SystemRoot%\System32\Notepad.exe
WSFFile, Edit, %SystemRoot%\System32\Notepad.exe
rnkfile, Edit Connection Properties, %SystemRoot%\system32\Rasphone.exe
Python.File, Edit With IDLE, C:\Python22\pythonw.exe C:\Python22\Tools\idle\Idle.pyw
Python.NoConFile, Edit With IDLE, C:\Python22\pythonw.exe C:\Python22\Tools\idle\Idle.pyw
ChannelFile, Explore, Explorer
Folder, Explore, %SystemRoot%\Explorer.exe
Shell, Explore, %SystemRoot%\Explorer.exe
Directory, Find, %SystemRoot%\Explorer.exe
CompressedFolder, Find, C:\WINDOWS\Explorer.exe
Directory, Find, %SystemRoot%\Explorer.exe
Drive, Find, %SystemRoot%\Explorer.exe
scriptletfile, Generate Typelib, C:\WINDOWS\system32\Rundll32.exe
inffile, Install, %SystemRoot%\System32\Rundll32.exe
MMJB.MMZ, Install, C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Ti.exe
scrfile, Install, Rundll32.exe
AcroExch.Document, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.FDFDoc, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.RMFFile, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.XFDFDoc, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
acwfile, Open, %SystemRoot%\system32\Accwiz.exe
Adobe.SVGCtl, Open, C:\Program Files\Internet Explorer\Iexplore.exe
AIFFFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
ASFFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
aswcsfile, Open, C:\Program Files\Alwil Software\Avast4\AshSimpl.exe
aswsfile, Open, C:\Program Files\Alwil Software\Avast4\AshSimpl.exe
ASXFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
AUFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
AVIFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
batfile, Open, Unknown
Briefcase, Open, Explorer.exe
CATFile, Open, Rundll32.exe
cclaunch, Open, C:\Program Files\CCleaner\Ccleaner.exe
cdafile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
CERFile, Open, Rundll32.exe
CertificateStoreFile, Open, Rundll32.exe
certificate_wab_auto_file, Open, C:\Program Files\Outlook Express\Wab.exe
ChannelFile, Open, Explorer
CHROME, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
clpfile, Open, Clipbrd.exe
cmdfile, Open, Unknown
comfile, Open, Unknown
CompressedFolder, Open, Rundll32.exe
ConferenceLink, Open, Rundll32.exe
CRLFile, Open, Rundll32.exe
data-file, Open, C:\WINDOWS\Notepad.exe
DocShortcut, Open, rundll32 %SystemRoot%\System32\Shscrap.dll
dunfile, Open, %SystemRoot%\system32\RUNDLL32.EXE
emffile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
exefile, Open, Unknown
FirefoxHTML, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
fndfile, Open, %SystemRoot%\Explorer.exe
Folder, Open, %SystemRoot%\Explorer.exe
fonfile, Open, %SystemRoot%\System32\Fontview.exe
ftp, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
giffile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
gopher, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
h323file, Open, Rundll32.exe
HCP, Open, %SystemRoot%\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe
helpfile, Open, Winhlp32.exe
hlpfile, Open, %SystemRoot%\System32\Winhlp32.exe
hpq_shortcut1, Open, c:\hp\DtIcons\Shortcut.exe
hpq_shortcut2, Open, c:\hp\DtIcons\Shortcut.exe
htafile, Open, C:\WINDOWS\System32\Mshta.exe
htfile, Open, C:\Program Files\Windows NT\Hypertrm.exe
htmlfile, Open, C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
HTTP, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
https, Open, C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
iiifile, Open, Rundll32.exe
inffile, Open, %SystemRoot%\System32\Notepad.exe
inifile, Open, %SystemRoot%\System32\Notepad.exe
InternetShortcut, Open, Rundll32.exe
ITS FILE, Open, C:\Program Files\Internet Explorer\Iexplore.exe
jarfile, Open, C:\Program Files\Java\j2re1.4.1_02\bin\Javaw.exe
JNLPFile, Open, C:\Program Files\Java Web Start\Javaws.exe
jpegfile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
JSEFile, Open, %SystemRoot%\System32\WScript.exe
JSFile, Open, %SystemRoot%\System32\WScript.exe
LDAP, Open, C:\Program Files\Outlook Express\Wab.exe
m3ufile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
mailto, Open, %ProgramFiles%\Outlook Express\Msimn.exe
mhtmlfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
Microsoft Internet Mail Message, Open, %ProgramFiles%\Outlook Express\Msimn.exe
Microsoft Internet News Message, Open, %ProgramFiles%\Outlook Express\Msimn.exe
MIDFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MITrain.Document, Open, C:\WINDOWS\Help\SBSI\Training\ORUN32.EXE
MMJB.AUDIOCD, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.BPP, Open, C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Mmfwlaunch.exe
MMJB.M3U, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MMJB, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MMZ, Open, C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Ti.exe
MMJB.MP3, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.PLS, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WAV, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WMA, Open, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMS, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MMST, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MMSU, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
mp3file, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
mpegfile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MPlayer, Open, Mplay32.exe
MSBD, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
MSCFile, Open, %SystemRoot%\system32\Mmc.exe
MSDASC, Open, Rundll32.exe C:\PROGRA~1\FICHIE~1\System\OLEDB~1\Oledb32.dll
Msi.Package, Open, %SystemRoot%\System32\Msiexec.exe
Msi.Patch, Open, %SystemRoot%\System32\Msiexec.exe
MSInfo.Document, Open, C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\MSInfo32.exe
MSProgramGroup, Open, C:\WINDOWS\system32\Grpconv.exe
MsRcIncident, Open, %SystemRoot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe -Mode "hcp://system/Remote%%20Assistance/RAClientLayout.xml" -url "hcp:
msstylesfile, Open, %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,Control_RunDLL %SystemRoot%\system32\desk.cpl desk,@Appearance /Action:OpenMSTheme /file:
news, Open, %ProgramFiles%\Outlook Express\Msimn.exe
nntp, Open, %ProgramFiles%\Outlook Express\Msimn.exe
otffile, Open, %SystemRoot%\System32\Fontview.exe
P7RFile, Open, Rundll32.exe
P7SFile, Open, Rundll32.exe
Page de garde, Open, %systemroot%\system32\Fxscover.exe
Paint.Picture, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
pbkfile, Open, %SystemRoot%\system32\Rasphone.exe
PDXFileType, Open, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
PerfFile, Open, %SystemRoot%\system32\Perfmon.exe
pfmfile, Open, %SystemRoot%\System32\Fontview.exe
piffile, Open, Unknown
pjpegfile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
pngfile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
prffile, Open, Rundll32.exe
Python.CompiledFile, Open, C:\Python22\Python.exe
Python.File, Open, C:\Python22\Python.exe
Python.NoConFile, Open, C:\Python22\Pythonw.exe
ratfile, Open, Rundll32.exe
regedit, Open, Regedit.exe
regfile, Open, Regedit.exe
rlogin, Open, Rundll32.exe
rtffile, Open, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
SavedDsQuery, Open, rundll32 %SystemRoot%\System32\Dsquery.dll
sbzFile, Open, C:\Program Files\ArcSoft\ShowBiz 2\Showbiz.exe
scrfile, Open, Unknown
scriptletfile, Open, C:\WINDOWS\Notepad.exe
SHCmdFile, Open, Explorer.exe
Shell, Open, %SystemRoot%\Explorer.exe
Shell.AutoplayForSlideShow.1, Open, Unknown
ShellScrap, Open, rundll32 %SystemRoot%\system32\Shscrap.dll
snews, Open, %ProgramFiles%\Outlook Express\Msimn.exe
SoundRec, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
SPCFile, Open, Rundll32.exe
SpybotSD.DisabledFile, Open, C:\Program Files\Spybot - Search & Destroy\Blindman.exe
SpybotSD.SBEFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.SBIFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.SBSFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.TInfoFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.UTIFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
SpybotSD.UTSFile, Open, C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
STLFile, Open, Rundll32.exe
T126_Whiteboard, Open, C:\Program Files\NetMeeting\Wb32.exe
telnet, Open, Rundll32.exe
themefile, Open, %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,Control_RunDLL %SystemRoot%\system32\desk.cpl desk,@Themes /Action:OpenTheme /file:
TIFImage.Document, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
tn3270, Open, Rundll32.exe
ttcfile, Open, %SystemRoot%\System32\Fontview.exe
ttffile, Open, %SystemRoot%\System32\Fontview.exe
txtfile, Open, %SystemRoot%\system32\Notepad.exe
ulsfile, Open, Rundll32.exe
Valve.Source, Open, c:\program files\steam\steamapps\benji665\counter-strike source\Hl2.exe
VBEFile, Open, %SystemRoot%\System32\WScript.exe
VBSFile, Open, %SystemRoot%\System32\WScript.exe
vcard_wab_auto_file, Open, C:\Program Files\Outlook Express\Wab.exe
vtxfile, Open, C:\PROGRA~1\Wanadoo\Minftnet.exe
wab_auto_file, Open, C:\Program Files\Outlook Express\Wab.exe
WAXFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
webpnpFile, Open, %SystemRoot%\system32\Wpnpinst.exe
Whiteboard, Open, C:\Program Files\NetMeeting\Wb32.exe
WIA.AutoplayDropHandler.1, Open, Unknown
Windows.Movie.Maker, Open, C:\Program Files\Movie Maker\Moviemk.exe
WinRAR, Open, C:\Program Files\WinRAR\WinRAR.exe
WinRAR.REV, Open, C:\Program Files\WinRAR\WinRAR.exe
WinRAR.ZIP, Open, C:\Program Files\WinRAR\WinRAR.exe
wmafile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMDFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
wmffile, Open, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
WMP.DVR-MSFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMSFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMVFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
WMZFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
Wordpad.Document.1, Open, %ProgramFiles%\Windows NT\Accessoires\Wordpad.exe
WPLFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
wrifile, Open, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
WSFFile, Open, %SystemRoot%\System32\WScript.exe
WSHFile, Open, %SystemRoot%\System32\WScript.exe
WVXFile, Open, C:\Program Files\Windows Media Player\Wmplayer.exe
x-internet-signup, Open, %ProgramFiles%\Internet Explorer\Connection Wizard\Isignup.exe
xbmfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
xmlfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
xslfile, Open, C:\Program Files\Internet Explorer\Iexplore.exe
ZAMailSafe, Open, C:\Program Files\Zone Labs\ZoneAlarm\Zlclient.exe
zapfile, Open, %SystemRoot%\system32\Notepad.exe
JSEFile, Open2, %SystemRoot%\System32\CScript.exe
JSFile, Open2, %SystemRoot%\System32\CScript.exe
VBEFile, Open2, %SystemRoot%\System32\CScript.exe
VBSFile, Open2, %SystemRoot%\System32\CScript.exe
WSFFile, Open2, %SystemRoot%\System32\CScript.exe
WSHFile, Open2, %SystemRoot%\System32\CScript.exe
Unknown, Openas, %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\Shell32.dll
ChannelFile, OpenChannel, Rundll32
ChannelShortcut, OpenChannel, Rundll32
mhtmlfile, Opennew, C:\Program Files\Internet Explorer\Iexplore.exe
All Files, OpenWithList, %SystemRoot%\Explorer.exe
AIFFFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
ASFFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
ASXFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
AudioCD, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
AUFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
AVIFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
cdafile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
DVD, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
HpqUnApl.Autoplay, Play, Unknown
m3ufile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
MIDFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
MMJB.AUDIOCD, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.CDA, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.M3U, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MMJB, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.MP3, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.PLS, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WAV, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
MMJB.WMA, Play, C:\Program Files\Musicmatch\Musicmatch Jukebox\Mmjblaunch.exe
mp3file, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
mpegfile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
SoundRec, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WAVAutoPlay.AVAutoPlay, Play, Unknown
WAXFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
wmafile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.AudioCD, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.DVD, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.DVR-MSFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WMP.PlayMedia, Play, Lecture
WMVFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WPLFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
WVXFile, Play, C:\Program Files\Windows Media Player\Wmplayer.exe
AcroExch.Document, Print, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.FDFDoc, Print, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.XFDFDoc, Print, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
batfile, Print, %SystemRoot%\System32\NOTEPAD.EXE
cmdfile, Print, %SystemRoot%\System32\NOTEPAD.EXE
fonfile, Print, %SystemRoot%\System32\Fontview.exe
htmlfile, Print, rundll32.exe %SystemRoot%\System32\Mshtml.dll
inffile, Print, %SystemRoot%\System32\NOTEPAD.EXE
inifile, Print, %SystemRoot%\System32\NOTEPAD.EXE
InternetShortcut, Print, rundll32.exe %SystemRoot%\System32\Mshtml.dll
JSEFile, Print, %SystemRoot%\System32\Notepad.exe
JSFile, Print, %SystemRoot%\System32\Notepad.exe
MSInfo.Document, Print, C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\MSInfo32.exe
otffile, Print, %SystemRoot%\System32\Fontview.exe
Page de garde, Print, %systemroot%\system32\Fxscover.exe
PBrush, Print, %systemroot%\system32\Mspaint.exe
pfmfile, Print, %SystemRoot%\System32\Fontview.exe
regfile, Print, %SystemRoot%\system32\NOTEPAD.EXE
rtffile, Print, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
ttcfile, Print, %SystemRoot%\System32\Fontview.exe
ttffile, Print, %SystemRoot%\System32\Fontview.exe
txtfile, Print, %SystemRoot%\system32\NOTEPAD.EXE
VBEFile, Print, %SystemRoot%\System32\Notepad.exe
VBSFile, Print, %SystemRoot%\System32\Notepad.exe
Wordpad.Document.1, Print, %ProgramFiles%\Windows NT\Accessoires\Wordpad.exe
wrifile, Print, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
WSFFile, Print, %SystemRoot%\System32\Notepad.exe
zapfile, Print, %SystemRoot%\system32\NOTEPAD.EXE
AcroExch.Document, Printto, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.FDFDoc, Printto, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
AcroExch.XFDFDoc, Printto, C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
emffile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
giffile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
htmlfile, Printto, rundll32.exe %SystemRoot%\System32\Mshtml.dll
InternetShortcut, Printto, rundll32.exe %SystemRoot%\System32\Mshtml.dll
jpegfile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
Paint.Picture, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
PBrush, Printto, %systemroot%\system32\Mspaint.exe
pjpegfile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
pngfile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
rtffile, Printto, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
TIFImage.Document, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
txtfile, Printto, %SystemRoot%\system32\Notepad.exe
wmffile, Printto, rundll32.exe C:\WINDOWS\System32\Shimgvw.dll
Wordpad.Document.1, Printto, %ProgramFiles%\Windows NT\Accessoires\Wordpad.exe
wrifile, Printto, C:\Program Files\Windows NT\Accessoires\Wordpad.exe
zapfile, Printto, %SystemRoot%\system32\Notepad.exe
SoundRec, Record, Sndrec32.exe
scriptletfile, Register, C:\WINDOWS\system32\Regsvr32.exe
Msi.Package, Repair, %SystemRoot%\System32\Msiexec.exe
WMP.RipCD, Rip, C:\Program Files\Windows Media Player\Wmplayer.exe
cplfile, Runas, Rundll32.exe
exefile, Runas, Unknown
MSCFile, RunAs, %SystemRoot%\system32\Mmc.exe
All Files, Shellex,
ChannelFile, Subscribe, Rundll32
Msi.Package, Uninstall, %SystemRoot%\System32\Msiexec.exe
scriptletfile, Unregister, C:\WINDOWS\system32\Regsvr32.exe
salut benjamin,
je t'ai enuméré de 1 à 6, les étapes que Kris et Marie te demandes de faire :
1 / démarres HijackThis
2 / cliques sur " Do a system scan only"
3 / coches les cases suivantes :
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix: </gras>
4 / cliques sur "Fix checked".
5 / cliques sur "do a system scan and save logfile
6 / fais un copier coller du log entier sur le forum
Fais un effort, montres toi plus attentif à l'aide qui t'ai fournis ici !!
Avec un peu de bon sens tu devrais suivre les indications dans l'ordre qui t'ai recommandé ! et installer tes jeux après la désinfection de ton PC.
Bon courage !
"Il n'est rien de réel que le rêve et l'amour"
je t'ai enuméré de 1 à 6, les étapes que Kris et Marie te demandes de faire :
1 / démarres HijackThis
2 / cliques sur " Do a system scan only"
3 / coches les cases suivantes :
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix: </gras>
4 / cliques sur "Fix checked".
5 / cliques sur "do a system scan and save logfile
6 / fais un copier coller du log entier sur le forum
Fais un effort, montres toi plus attentif à l'aide qui t'ai fournis ici !!
Avec un peu de bon sens tu devrais suivre les indications dans l'ordre qui t'ai recommandé ! et installer tes jeux après la désinfection de ton PC.
Bon courage !
"Il n'est rien de réel que le rêve et l'amour"
