Fenetres intempestives

Résolu
christian76 Messages postés 11 Statut Membre -  
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
bonjour a tous,
j'ais un probleme de fenetres qui s'ouvrent des que je me connecte a internet.
J'ais deja lu beaucoup de message identique au miens sur ce forum,et j'ai décidé d'installer ad aware et proxomitron.
Mais c'est sans succes hélas.
Si quelqu'un pourrais m'aider sans que ca ne soit trop compliqué car je ne m'y connais pas beaucoup.
Merci d'avance pour vos reponses

41 réponses

Réponse 1 / 41
Utilisateur anonyme
 
Salut,

scan ton PC avec ces trois autres logiciels:

SpyBot-Search & Destroy: (gratuit)
Spybot Search & Destroy

A² free: (gratuit)
A² Squared


Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici
Ewido: (reste gratuit après la période d'essai)
Télécharger Ewido Security Suite


Tiens nous au courant ;-)

A++
0
Christian
 
salut,
voici le rapport que j'ais eu.
Hélas,j'ais toujours des fenetres qui s'ouvre
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:01:10 31/08/2006

+ Scan result:



HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTbarISTbar -> Adware.HotBar : No action taken.
C:\WINDOWS\system32\dn8o01l3e.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\fp2o03f3e.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\kpdit.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\mvrml9911.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\scclient.dll -> Adware.Look2Me : No action taken.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : No action taken.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
C:\Documents and Settings\Christian\Bureau\Power Archiver 2006 v9[1].62.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Bureau\Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\1st SMTP Server 2.8.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Acala DVD Copy 2.1.8.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Access Controller v3.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Actual Window Manager v4.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Adam And Steve LIMITED DVDRip XviD-NeDiVx.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\AdultPDF PDF to Word 2..rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\AdultPDF PDF to Word 2.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Advanced Directory Printer 1.15.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Advanced Encryption Package 2006 4.4.13.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Advanced Password Generator 2.90.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Alexsys Team 2.8.5.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Allok 3GP PSP MP4 iPod Video Converter 1.2.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Allok MPEG4 Converter 1.4.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Allok Video to FLV Converter 1.2.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Allok Video to MP4 Converter 1.4.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Allok Video to PSP Converter 1.7.4.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Angels With Dirty Faces 1938 DVDRip Divx.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Aplus DVD Copy 3.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Apollo DVD Creator 3.3.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Ashampoo Magical Defrag v1.11.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Asterix And The Vikings Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Audio Video To MP3 Maker 3.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Auto FTP Manager 3.51.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\AutoKrypt 7.08.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\AutoRun Design Specialty v5.0.0.6.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Bad Company (2002).rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Bubbles 1.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Canasta 2006.1. 60804.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Chaos 2006 LiMiTED DVDRip XviD-DnB.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Cherry Falls DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Chicken Little Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Clapton and Dire Straits - Mandela Concert DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Click TC XVID-BraveHeart.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Code Weaver 1.6.4.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\CodeLobster v3.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Creedence Clearwater Revival- Best Of.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\DC - The Killing Joke - eBOOK.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\DVD Lab Pro 2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\DVD to IPOD Ripper 4.38.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\DVDIdle Pro 5.9.8.3.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Data Folder Sync 1.31.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Die Another Day.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\DivX Create Bundle v6.3 Multilingual.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Dracula II Ascension DVDRip Xvid-FW.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Dual DVD copy Gold 4.09.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Dude, Where's My Car .rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\E-Speaking 3.6.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Eagles- Hotel California.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Easy CD-DA Extractor Pro v10.0.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Email Security 2.81.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Encrypt My Information v3.00.263.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Fanaa 2006 DVDRip.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\File Properties Changer 1.04.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\File and Folder Privacy v2.6.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Final Fantasy 7 Advent Children Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\FinePrint Pdf Factory Pro 3.00.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\FullShot Enterprise 9.3.0.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\GIA.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Garfield - A Tail of Two Kitties Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Genie Backup Manager Professional v7.0.128.300.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\George Thorogood- The Baddest Of.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Get More Visitors Premium v1.2.6.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Global Clipboard 2.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Graphics Converter Pro 6.62.60728.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\House Of The Dead 2 Dead Aim Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Ice Age 2 Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Ill Always Know What You Did Last Summer DVDRip Xvid-SAPHiRE.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Ill Nino - One Nation Underground (2005).rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Ill Nino - Revolution Revolucion.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Inside Man.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\IsItUp Network Monitor 5.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\IsMail EP v3.3.873.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Jarhead Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Jimi Hendrix- Axis-Bold As Love.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Jimi Hendrix- Experience Hendrix The Best of Jimi Hendrix.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Kingdia DVD Ripper 2.5.8.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Kiss MyImage v1.0.4.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Larry the Cable Guy Health Inspector.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Little Man 2006 TS Xvid HQ.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Local SMTP Relay Server 2.8.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\MP3 WAV Studio v6.12.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Macromedia Flash MX Pro.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Magic Audio Editor Pro 10.2.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Maskbit Ace Video Workshop v1.5.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Melomania 1.55.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Miami Vice TS XViD-PUKKA.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Monster House Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Monsters Inc Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\MorphBuster 7.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Mr. and Mrs. Smith Unrated DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\My Buddy Icons v4.62.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Network File Monitor Professional 2.26.7.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Nevrona Rave Reports BEX v7.0.2 for Delphi BCB Full Sou.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\NewLive All Media To MP3 Converter Pro 4.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Nirvana- From the Muddy Banks of the Wishkah.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\No1 CD Ripper v1.74.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\NuSphere PhpED IDE v4.6.4616.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\O Brother, Where Art Thou.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Oceans Twelve Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\One Night at McCool's.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Online Holdem Inspector 2.29d4.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\PDF Maker Pilot 1.28.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\PNG MNG Construction Set v2.0a.53.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Parabens LAN Charter 5.07.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Photomatix Pro v2.3 BETA 3.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Pink Floyd- Wish You Were Here.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Plato DVD Copy v4.51.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Popup Ad Stopper 9.92.01.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Powerful Cookies 2.8.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Proxy Switcher Pro v3.7.3647.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\RV (2006).rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Relative Strangers DVDRip Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Remote Request System v1.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Returnil Virtual System Home 2006 1.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\RhinoSoft Zensura v3.00.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\RomanWare AdBot v5.74.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\RomanWare MrFriendly v2.25.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\RomanWare STB v10.21.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\RomanWare YTracker v2.47.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\SAMInside 2.5.7.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\SOTI Pocket Controller Professional v5.07.966.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Saving Private Ryan Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Saw Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Screen Virtuoso Pro 2.30.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Security Administrator 10.51.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Silent Hill Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Snappy Fax 3.71.1.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\SolSuite 2006 6.8.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Sothink DVD Ripper v1.0 Build 60706.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Sothink SWF Decompiler v3.3 Build 60720.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Sothink iPod Video Converter v1.0 Build 60721.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Soundgarden- A-Sides.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Springboard 0.75.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Steppenwolf- All Time Greatest Hits.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Steve Miller Band- Young Hearts (Complete Greatest Hits).rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Stochastic Lab MIDI To WAV Renderer v1.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Sync for Outlook 1.61.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Syriana.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\TOKI TC 1.3.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Teaching Templates 2.4.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\The Cave Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\The Shaggy Dog Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\The Transformers The Movie Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Thegrideon Asterisk Password v1.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Thegrideon Internet Explorer Password v1.2.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Total Spy 2.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\TracePlus Ethernet 5.10.000.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\TracePlus Winsock 8.10.000.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Ulead DVD Movie Factory 5.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Undead Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\V for Vendetta Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Visual Money v1.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\WISCO Word Power 2.00.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\WinTools.net Professional 7.7.1.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\WinXP Manager 4.98.3.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Winamp 5.25 Lite.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Windows XP SP2 Extreme.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\X-Win32 v8.0.2082.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\XP Codec Pack 2.0.3.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Xilisoft Video Converter 3.1.7.0630.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\XoftSpySE 4.29.194.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\You Me And Dupree TS Xvid.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\ZZ Top - Greatest Hits.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\Zeus 3.95x.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\dual DVD copy Silver 3.10.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\n00zn00zn00zn00z.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Documents and Settings\Christian\Shared\_\pdfFactory 3.0.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\Setup.exe -> Backdoor.IRCBot.dd : No action taken.
C:\t.rar/Setup.exe -> Backdoor.IRCBot.dd : No action taken.
HKLM\SOFTWARE\Classes\VacPro.belgio_ver3 -> Dialer.Generic : No action taken.
HKLM\SOFTWARE\Classes\VacPro.belgio_ver3\Clsid -> Dialer.Generic : No action taken.
C:\WINDOWS\system32\dr.exe -> Downloader.Adload.ds : No action taken.
C:\kybrdff_8.exe -> Downloader.Adload.dv : No action taken.
C:\Documents and Settings\Christian\Bureau\Jeux\lemmings.rar/setup.exe -> Downloader.IstBar.nk : No action taken.
C:\Documents and Settings\Christian\Bureau\Jeux\lemmings.zip/setup.exe -> Downloader.IstBar.nk : No action taken.
C:\nwnmff_8.exe -> Downloader.VB.aiy : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Temporary Internet Files\Content.IE5\DCXL0IWL\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Temporary Internet Files\Content.IE5\IS8LUO1N\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Temporary Internet Files\Content.IE5\IS8LUO1N\popup[2].htm -> Hijacker.Agent.a : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Temporary Internet Files\Content.IE5\J13VAKTC\popup[1].htm -> Hijacker.Agent.a : No action taken.
C:\dfndrff_8.exe -> Hijacker.VB.ly : No action taken.
C:\WINDOWS\Temp\Cookies\christian@247realmedia[2].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\WINDOWS\Temp\Cookies\christian@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@e-2dj6wjkyqkczsbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@e-2dj6wjliendpogo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@e-2dj6wfliqmdpchp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@e-2dj6wgkicmdpsgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@e-2dj6whkiagdjokp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@estat[1].txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@ivwbox[2].txt -> TrackingCookie.Ivwbox : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken.
C:\WINDOWS\Temp\Cookies\christian@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\WINDOWS\Temp\Cookies\christian@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\Christian\Cookies\christian@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\WINDOWS\Temp\Cookies\christian@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Christian\Local Settings\Temp\Cookies\christian@zedo[2].txt -> TrackingCookie.Zedo : No action taken.


::Report end
0
Réponse 2 / 41
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

pour avancer Boule ;-)

normal d'avoir toujours ces fenetres : No action taken.

commence par ceci :

# Télécharger l2mfix.exe sur http://www.downloads.subratam.org/l2mfix.exe

- Quitter le net, le navigateur, et toutes autres fenêtres d'applications ;
- Dézipper l2mfix.exe sur le bureau ;
- Dans le dossier du programme, double-cliquer sur l2mfix.bat ;
- Choisir OPTION 1 (Run find log) et valider par la touche [Entrée] ;
=> Un rapport sera généré dans le Bloc-notes, se reconnecter pour le poster au forum.

ensuite :

- Quitter le net, le navigateur, et toutes autres fenêtres d'applications ;
- Double-cliquer sur l2mfix.bat ;
- Choisir OPTION 2 (Run fix) et valider par la touche [Entrée] ;
- A l'invite, appuyer sur une touche du clavier pour redémarrer le PC ;
=> Au redémarrage, le nettoyage de L2mFix se poursuit, puis génère le résultat du nettoyage en ouvrant le Bloc-notes ; se reconnecter pour le poster au forum.

# relance ewido ( mets le en français, ça sera plus simple : cf tuto )

tuto : (merci à Moe) http://perso.wanadoo.fr/entraide-hijackthis/Ewido/

et enfin :

Télécharge ceci :

Lien : http://www.infos-du-net.com/telecharger/HijackThis.html

Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm

Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum.


bon courage, @+


**tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...**
0
Christian
 
voici le rapport de 12mfix.bat
L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunServices]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\ktnol7531.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
"Logon"="WLEventLogon"
"Logoff"="WLEventLogoff"
"Startup"="WLEventStartup"
"Shutdown"="WLEventShutdown"
"StartScreenSaver"="WLEventStartScreenSaver"
"StopScreenSaver"="WLEventStopScreenSaver"
"Lock"="WLEventLock"
"Unlock"="WLEventUnlock"
"StartShell"="WLEventStartShell"
"PostShell"="WLEventPostShell"
"Disconnect"="WLEventDisconnect"
"Reconnect"="WLEventReconnect"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000000
"SafeMode"=dword:00000001
"MaxWait"=dword:ffffffff
"DllName"=hex(2):57,00,67,00,61,00,4c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Event"=dword:00000000
"InstallNotifyShown"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings]
"Data"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,\
00,00,da,67,1c,bc,9a,84,75,47,b9,89,28,7f,35,32,ac,e2,04,00,00,00,04,00,00,\
00,53,00,00,00,03,66,00,00,a8,00,00,00,10,00,00,00,2e,95,22,df,6f,4b,9a,df,\
77,2c,50,d6,c3,38,2e,1c,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,fd,\
5b,04,70,4f,fc,27,b0,99,4e,0a,5d,b3,a1,e9,31,18,02,00,00,bb,cd,c6,43,5d,a9,\
21,d6,0b,19,9f,42,97,3c,8a,83,fa,ec,63,eb,b9,13,bc,19,a3,03,f6,d7,db,d1,6f,\
3f,25,69,fa,53,64,63,75,2f,02,cc,18,47,f2,7e,15,9f,b4,62,12,29,78,9b,dd,01,\
31,03,d6,9c,5f,c7,d2,32,c3,85,bf,42,37,34,ce,75,98,82,3a,9e,59,9a,49,da,36,\
df,56,6a,28,08,26,09,d3,a3,2e,d0,e1,e2,6b,b8,05,a6,a6,a2,3d,eb,9e,02,d2,e1,\
1d,04,f3,ec,6e,89,d9,e9,8b,c4,73,95,dd,1c,1f,67,db,a5,7c,74,3e,e6,8f,28,2b,\
2b,2f,96,e8,07,a2,3f,c2,d3,92,19,7e,b9,01,3e,47,ab,6c,a0,cb,43,0b,45,b4,25,\
9a,b2,0b,a7,b9,bf,e6,64,56,40,46,8c,19,bb,3f,a4,7b,5c,5b,dd,9c,75,d9,c0,de,\
78,9c,59,a9,fd,f8,31,71,8a,db,70,b8,67,a3,b7,32,0b,1c,c9,7f,a3,c6,78,84,db,\
e2,7f,4f,49,87,f6,ad,1f,fd,fe,0f,db,d8,bb,5e,71,48,84,03,bd,5a,92,73,2a,61,\
a8,e5,bd,7c,8a,1e,81,32,e7,e5,68,8c,80,0d,5b,35,e7,28,46,aa,90,0e,46,c1,ad,\
98,a7,b8,48,d8,be,c2,57,bb,74,cc,d4,e3,f5,c4,d0,60,28,1f,11,34,59,80,8e,94,\
53,c3,9b,85,c3,93,b1,20,ba,97,b6,3b,30,30,80,74,9f,c7,5b,8d,2c,78,61,93,06,\
83,f9,a9,e1,5b,f8,b9,c6,b1,cf,c6,e0,99,df,c7,98,66,65,ce,b0,3f,a7,ab,94,a2,\
b9,19,ac,4f,b6,b1,af,f1,c2,ab,a6,83,6a,2b,0f,08,90,ed,70,95,47,ca,af,c7,d2,\
43,e3,de,74,2a,0c,ac,77,c4,4c,cb,4a,31,ef,d8,da,b1,ad,23,01,f4,73,63,fa,70,\
25,fb,c6,a0,49,f4,65,f5,d3,0d,5c,ea,5e,68,11,2d,fa,fe,4c,bc,ce,1e,75,30,03,\
c2,b1,c3,f7,82,53,38,28,de,69,4f,b0,2b,ed,84,8f,94,b3,85,66,68,d6,e5,82,58,\
db,c6,5d,8a,3f,c8,54,68,ea,2c,37,40,1f,9c,c8,c8,ef,26,10,68,c7,b7,9b,7c,e8,\
0f,87,27,8d,83,88,c8,67,b2,96,ed,5b,ee,b3,a4,2b,2f,05,82,b1,b1,9e,bd,78,9d,\
01,28,1b,44,fd,e8,3e,3a,69,49,b0,28,fb,da,1c,61,60,49,47,dc,83,fd,b7,0d,1c,\
de,26,8c,e3,c3,69,af,d6,2f,d6,3d,28,31,a6,37,6b,f7,09,54,b0,91,ba,66,94,25,\
03,27,04,49,1c,14,00,00,00,52,e1,17,ff,73,8a,81,b2,e1,e5,2a,31,2e,87,6e,e6,\
68,78,b9,4f

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{39BB6647-122C-94EF-FEB2-B5E033BF183C}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Analyseur de la barre d'adresses"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{32020A01-506E-484D-A2A8-BE3CF17601C3}"="AlcoholShellEx"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{13E7F612-F261-4391-BEA2-39DF4F3FA311}"="Recherche sur le bureau de Windows"
"{97090E2F-3062-4459-855B-014F0D3CDBB1}"="MSN Deskbar"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{472083B0-C522-11CF-8763-00608CC02F24}"="avast"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{E0D79304-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79305-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79306-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79307-84BE-11CE-9641-444553540000}"="WinZip"
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
"{AB77609F-2178-4E6F-9C4B-44AC179D937A}"="a-squared Context Menu Shell Extension"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D426CFD0-87FC-4906-98D9-A23F5D515D61}]
@="MSN Desktop Search Outlook Express ISearchFolder Class"

**********************************************************************************
HKEY ROOT CLASSIDS:
**********************************************************************************
Files Found are not all bad files:
Locate .tmp files:
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est BCA9-FA64

R‚pertoire de C:\WINDOWS\System32

31/08/2006 12:16 235.862 guard.tmp
31/08/2006 12:15 235.862 pIpsvc.dll
31/08/2006 12:15 236.366 h40q0ed5eh0.dll
29/08/2006 13:23 235.862 ktnol7531.dll
27/08/2006 03:07 <REP> dllcache
22/06/2004 17:18 <REP> Microsoft
4 fichier(s) 943.952 octets
2 R‚p(s) 23.922.573.312 octets libres
0
Réponse 3 / 41
Christian
 
salut,
il me demande un mot de passe
0
Réponse 4 / 41
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
il me demande un mot de passe

c'est à dire ????

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 41
Christian
 
voila le message:
do not press any keys till instruted too.
Keypress n'est pas reconnu en tant que commande interne ou externe,un programe executable ou un fichier de commandes. Entrer le mot de passe de L2MFIX
0
Réponse 6 / 41
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
bizzar !

passe à ewido

++
0
Réponse 7 / 41
christian76 Messages postés 11 Statut Membre
 
je refais un scann complet?
0
Réponse 8 / 41
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
oui ! et s'il est toujours en anglais : à chaque fois qu'il te trouve un fichier infecté, tu regle ewido sur "deleted"


**tout ce que je sais, c'est que je ne sais rien ! et c'est déjà pas mal ...**
0
Réponse 9 / 41
christian76
 
ok je fais ca et tout a l'heure,je vous tiens au courant
pour ewido,je ne sais pas le mettre en francais
Encore merci pour tout ce quez vous faites
0
Réponse 10 / 41
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
Bonjour,

Sans vouloir poluer le poste, mais une nouvelle fonction pour supprimer les pubs, ..., fenêtres intempésives etc....
Comme Green était loin, loin, loin chez les Italiens, je me permets de passer et de lui montrer




Christian fais ce qui suit :


pub, systemdoctor, casino, ...fenêtres publicitaires



Télécharge Blacklight(de F-Secure) a l’une des 2 adresses :
https://www.f-secure.com/en
https://www.f-secure.com/en

et sauvegarde le sur ton Bureau.

Double-clique blbeta.exeet accepte la licence ; laisse [X]scan through Windows Explorer activé ; clique Scan puis Next

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).





A++

0
Réponse 11 / 41
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut et merci Marie ;-)

loin, loin, loin chez les Italiens

ben non ! c'est plus proche de chez moi que Marseille ou Paris :->

++
0
Réponse 12 / 41
Christian
 
voila le raport du hijack
mais les fenetres sont toujours la
Logfile of HijackThis v1.99.1
Scan saved at 19:07:47, on 31/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rmctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\system32\NotifyPhoneBook.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Christian\Bureau\Nouveau dossier\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fhelp%2fHelp4%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O3 - Toolbar: Barre d'outils de MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [pmbc4cd7] RUNDLL32.EXE w8e09dbb.dll,n 002c4cd50000000a8e09dbb
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-be\msntb.dll/search.htm
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/229?9254d87cdd2c497fab1e64943e3076c3
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fr-be\msntabres.dll/230?9254d87cdd2c497fab1e64943e3076c3
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by14fd.bay14.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {970BF476-3CF2-4572-9EF9-4479E1591DB8} (VacPro.belgio_ver3) - http://advnt01.com/dialer/belgio_ver3.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{12934800-4886-42A3-951A-E7D47CDDE746}: NameServer = 195.238.2.21 195.238.2.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{12934800-4886-42A3-951A-E7D47CDDE746}: NameServer = 195.238.2.21 195.238.2.22
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: RunServices - C:\WINDOWS\system32\ktnol7531.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
0
Réponse 13 / 41
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
'soir christian

Peus-tu faire ==> Télécharge Blacklight
Stp
Merci

A++
0
Réponse 14 / 41
Christian
 
tu n'aurais pas un lien svp
0
Réponse 15 / 41
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
je te l'ai mis poste <12>
lol
0
Réponse 16 / 41
christian76
 
il ne veux pas l'ouvrir,
voici le message:
F secure blacklight could not acquire necessary privileges (se debug privilege)
Your computer setting may prevent acquiring thes privilege
A malicious program might have disabled these privileges
Je commence a desesperer
0
Réponse 17 / 41
^^Marie^^ Messages postés 126523 Date d'inscription   Statut Membre Dernière intervention   3 279
 
celui là ?
https://www.f-secure.com/en
0
Réponse 18 / 41
Christian
 
oui :(
0
Réponse 19 / 41
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
re

essaye de faire l'option 2 du poste 3 stp

++
0
Réponse 20 / 41
Christian
 
ca ne change rien
0

Discussions similaires

Afficher deux fenêtres côte à côte
ptitchinoise -
pistouri -

11 réponses
Problème de clavier, des fenêtre s'ouvrent !!
Lyon691D -
tanteelise -

5 réponses
Mon ordinateur ouvre des pages du bureau tout seul
Tanguy -
Tanguy -

9 réponses
Mon pc ouvre des fenetres tout seul
ilvyans -
bugiuglg -

25 réponses
Fenetres qui s'ouvrent toutes seules..
Peewee128 -
val -

24 réponses