Popup intempestifs meme hors connexion web
manu
-
^^Marie^^ Messages postés 126523 Date d'inscription Statut Membre Dernière intervention -
^^Marie^^ Messages postés 126523 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
j'ai depuis peu des message pubicitaires et autre popup qui s'ouvrent meme hors connexion au web
j'ai lancé Hi Jack dont voici le rapport (si vous pouviez m'aider à résoudre mon problème Merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 15:31:29, on 18/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\program files\notes\ntmulti.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Video ActiveX Object\pmsngr.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Video ActiveX Object\pmmon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINNT\system32\cmd.exe
C:\Program Files\akitel\akitel2.exe
C:\cygwin\bin\bash.exe
C:\cygwin\bin\bash.exe
C:\cygwin\usr\X11R6\bin\XWin.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
D:\Documents and Settings\A100226\Bureau\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.atosworldline.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://worldline.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxyconf.dev.atos.fr/awl.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pwebs:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Protection Bar - {5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [BgInfoAwl] "D:\Documents and Settings\All Users\Application Data\Bginfo\Bginfo.exe" D:\DOCUME~1\ALLUSE~1\APPLIC~1\Bginfo\bginfo.bgi /SILENT /timer:0
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: akitel.lnk = C:\Program Files\akitel\akitel2.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NFS-Network.lnk = Documents and Settings\FR17688\Mes documents\Travail\UE- save\NFS-Network.bat.bak
O4 - Global Startup: XServer.lnk = C:\cygwin\AWL-X\XServer.bat
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=www.atosworldline.com
O15 - Trusted Zone: *.line6.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = fr01.awl.atosorigin.net
O17 - HKLM\Software\..\Telephony: DomainName = fr01.awl.atosorigin.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = fr01.awl.atosorigin.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = fr01.awl.atosorigin.net,awl.atosorigin.net,dev.atos.fr,priv.atos.fr,elisa.net,axime.com,segin.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = fr01.awl.atosorigin.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = fr01.awl.atosorigin.net,awl.atosorigin.net,dev.atos.fr,priv.atos.fr,elisa.net,axime.com,segin.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = fr01.awl.atosorigin.net,awl.atosorigin.net,dev.atos.fr,priv.atos.fr,elisa.net,axime.com,segin.com
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O21 - SSODL: blippers - {f2efa195-4785-4db1-9316-b48c64bb71da} - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\notes\ntmulti.exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
j'ai depuis peu des message pubicitaires et autre popup qui s'ouvrent meme hors connexion au web
j'ai lancé Hi Jack dont voici le rapport (si vous pouviez m'aider à résoudre mon problème Merci d'avance
Logfile of HijackThis v1.99.1
Scan saved at 15:31:29, on 18/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\program files\notes\ntmulti.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Video ActiveX Object\pmsngr.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Video ActiveX Object\pmmon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINNT\system32\cmd.exe
C:\Program Files\akitel\akitel2.exe
C:\cygwin\bin\bash.exe
C:\cygwin\bin\bash.exe
C:\cygwin\usr\X11R6\bin\XWin.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
D:\Documents and Settings\A100226\Bureau\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.atosworldline.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://worldline.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxyconf.dev.atos.fr/awl.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = pwebs:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Protection Bar - {5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [BgInfoAwl] "D:\Documents and Settings\All Users\Application Data\Bginfo\Bginfo.exe" D:\DOCUME~1\ALLUSE~1\APPLIC~1\Bginfo\bginfo.bgi /SILENT /timer:0
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: akitel.lnk = C:\Program Files\akitel\akitel2.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NFS-Network.lnk = Documents and Settings\FR17688\Mes documents\Travail\UE- save\NFS-Network.bat.bak
O4 - Global Startup: XServer.lnk = C:\cygwin\AWL-X\XServer.bat
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=www.atosworldline.com
O15 - Trusted Zone: *.line6.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = fr01.awl.atosorigin.net
O17 - HKLM\Software\..\Telephony: DomainName = fr01.awl.atosorigin.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = fr01.awl.atosorigin.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = fr01.awl.atosorigin.net,awl.atosorigin.net,dev.atos.fr,priv.atos.fr,elisa.net,axime.com,segin.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = fr01.awl.atosorigin.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = fr01.awl.atosorigin.net,awl.atosorigin.net,dev.atos.fr,priv.atos.fr,elisa.net,axime.com,segin.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = fr01.awl.atosorigin.net,awl.atosorigin.net,dev.atos.fr,priv.atos.fr,elisa.net,axime.com,segin.com
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O21 - SSODL: blippers - {f2efa195-4785-4db1-9316-b48c64bb71da} - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\notes\ntmulti.exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
A voir également:
- Popup intempestifs meme hors connexion web
- Gmail connexion - Guide
- Web office - Guide
- Spotify hors connexion - Guide
- Google maps hors connexion - Guide
- Gps hors connexion - Guide
1 réponse
Salut
fr01.awl.atosorigin.net ====> c'est quoi ça ???
Fais ce qui suit
Télécharge Blacklight(de F-Secure) a l’une des 2 adresses :
https://www.f-secure.com/en
https://www.f-secure.com/en
et sauvegarde le sur ton Bureau.
Double-clique blbeta.exeet accepte la licence ; laisse [X]scan through Windows Explorer activé ; clique Scan puis Next
Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Copie/colle le rapport
fr01.awl.atosorigin.net ====> c'est quoi ça ???
Fais ce qui suit
Télécharge Blacklight(de F-Secure) a l’une des 2 adresses :
https://www.f-secure.com/en
https://www.f-secure.com/en
et sauvegarde le sur ton Bureau.
Double-clique blbeta.exeet accepte la licence ; laisse [X]scan through Windows Explorer activé ; clique Scan puis Next
Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Copie/colle le rapport
