Merci à l'avance pour votre précieuse aide: Voici mon log de Hijack This - je sais que je suis infecté ... j'ai vraiment besoin d'aide Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:54:20, on 2008-03-21 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\nvcoi\nvcoi.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\mrofinu.exe C:\anick\download\hijack\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = C:\Program Files\Copernic 2000\Search Bar.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {C12B4EC1-1F65-11D3-91CA-00104B9C4765} - C:\Program Files\Copernic 2000\CopernicFind.dll R3 - URLSearchHook: (no name) - - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\8095\LOCALS~1\Temp\services.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {7FFD8638-9F0E-4CA2-8B52-3C54B98504F2} - C:\Program Files\Messenger\rotedof777444.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689220221DD325762EA4EBF968951185EFC412806867680AEDE604D64C2661373FD13E0DCD66A47 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe O4 - HKCU\..\Run: [Nllf] C:\WINDOWS\?ecurity\s?oolsv.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\RunServices: [MS Shell Services] C:\Program Files\Teslain KidLogger\MainWnd.exe -m O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxuk101YYCA O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Search Using Copernic - file://C:\Program Files\Copernic 2000\Search Extension.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2000\Copernic.exe O9 - Extra 'Tools' menuitem: Launch Copernic - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2000\Copernic.exe O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2000\Copernic.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab O16 - DPF: {1B9935E4-8A50-4DD8-BD09-A7518723BF97} (Talisma NetAgent Customer ActiveX Control version 3) - https://intuitcanada.ehosts.net/netagent/objects/custappx3.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/... O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zango/ie/bridge-c356.cab?3d78641c35c285f0b5af11442c6472c051b3f64c8f7f5822a4301327b3f9141d5c15113deef26ab072e4b9823d59ace9d9365ca936542977b3ec2c642b:d65dcad4d7f23d81ea8a8b93e75306fe O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by136fd.bay136.hotmail.msn.com/activex/HMAtchmt.ocx O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

Voici le rapport Malwarebytes' Anti-Malware 1.09 Version de la base de données: 524 Type de recherche: Examen complet (C:\|) Eléments examinés: 85532 Temps écoulé: 22 minute(s), 22 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 24 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 10 Fichier(s) infecté(s): 19 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{deceaaa2-370a-49bb-9362-68c3a58ddc62} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPV (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons (Adware.Hotbar) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Program Files\CPV\CPV7.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\anick\download\hijack\backups\backup-20080321-124107-735.dll (Adware.TTC) -> Quarantined and deleted successfully. C:\anick\download\hijack\backups\backup-20080321-130002-947.dll (Adware.TTC) -> Quarantined and deleted successfully. C:\Documents and Settings\XXXXX\Local Settings\Temporary Internet Files\Content.IE5\GL9779FV\wtuninstaller.prod.v10008.28dec2007.exe[1].6e13e72a172c38497dbf3a6e4fa179d5 (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\XXXXX\Local Settings\Temporary Internet Files\Content.IE5\QVS74NED\wtrec.prod.v10006.11dec2007.exe[1].c516a643c558a4d4daa4efafd47eff15 (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000034.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000035.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000036.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000048.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000052.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons\Registryrepair.ico (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons\Software_Online_8.ico (Adware.Hotbar) -> Quarantined and deleted successfully. C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons\wallpapere1.ico (Adware.Hotbar) -> Quarantined and deleted successfully.

Pour suivre ... Désolé je m'en vais ce soir j'espere que quelqu'"un continura ce post ou je reprendrais @+

Je suis la :) Clic droit sur post de travail propriété restauration system et coche la case ! Ensuite repost un scan bitdéfender stp

Si tu n'as plus de problème tu peux mettre résolus :)

Je peux remettre la restauration du système j'imagine

Oui mais avant refait un scan bitdefender online une fois le scan fait tu peux remettre ta réstauration

J'ai refait un scan - tout était ok Je viens de repartir l'ordi et j'ai eu un message d'erreur que voici BCCode : 1000007f BCP1 : 00000008 BCP2 : 80042000 BCP3 : 00000000 BCP4 : 00000000 OSVer : 5_1_2600 SP : 1_0 Product : 256_1 Qu'en penses-tu ?

L'as tu à chaque démarrage ?? Si tu n'as que une fois c'est pas grave ! Pourrais tu reposter un rapport hijackthis stp

ensuite pour virer les fix que je t'ai fait téléchargées: · Télécharge ToolsCleaner de A.Roshtein sur ton Bureau. http://pagesperso-orange.fr/AceRothstein/ToolsCleaner2.exe · Clique sur Recherche et laisse le scan se terminer. · Clique, sur Suppression pour finaliser. · Tu peux, si tu le souhaites, te servir des Options facultatives. · Clique sur Quitter, pour que le rapport puisse se créer. · Poste moi le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur( C:\).

As tu enregistré ta version ?? C:\WINDOWS\System32\wpabaln.exe ... ceci veux dire l'activation de windows donc tu ne l'a pas activé ? Te sert tu de O4 - HKCU\..\RunServices: [MS Shell Services] C:\Program Files\Teslain KidLogger\MainWnd.exe -m Sais tu au moins ce que c'est ? c'est pour surveiller ce que font les enfants sur le pc Tiens moi au courant

Hijack This logfile - Page 2

Résolu

Réponse 21 / 31
Apoutchy Messages postés 23 Statut Membre

Voici le rapport
Malwarebytes' Anti-Malware 1.09
Version de la base de données: 524

Type de recherche: Examen complet (C:\|)
Eléments examinés: 85532
Temps écoulé: 22 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 24
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 10
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\testcpv6.bho (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\testcpv6.bho.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{deceaaa2-370a-49bb-9362-68c3a58ddc62} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\{59a40ac9-e67d-4155-b31d-4b7330fcd2d6} (Adware.PurityScan) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\CPV (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons (Adware.Hotbar) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\CPV\CPV7.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\anick\download\hijack\backups\backup-20080321-124107-735.dll (Adware.TTC) -> Quarantined and deleted successfully.
C:\anick\download\hijack\backups\backup-20080321-130002-947.dll (Adware.TTC) -> Quarantined and deleted successfully.
C:\Documents and Settings\XXXXX\Local Settings\Temporary Internet Files\Content.IE5\GL9779FV\wtuninstaller.prod.v10008.28dec2007.exe[1].6e13e72a172c38497dbf3a6e4fa179d5 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\XXXXX\Local Settings\Temporary Internet Files\Content.IE5\QVS74NED\wtrec.prod.v10006.11dec2007.exe[1].c516a643c558a4d4daa4efafd47eff15 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000034.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000035.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000036.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000048.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A64566B8-C5A2-4896-A48E-83A88B4F4722}\RP1\A0000052.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons\Registryrepair.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons\Software_Online_8.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\XXXXX\Application Data\SpamBlockerUtility_Icons\wallpapere1.ico (Adware.Hotbar) -> Quarantined and deleted successfully.
0
Réponse 22 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

Pour suivre ...

Désolé je m'en vais ce soir j'espere que quelqu'"un continura ce post ou je reprendrais @+
0
1. Apoutchy Messages postés 23 Statut Membre
  
  Pas de problème ... je préfères faire affaire avec toi alors j'attendrai la suite
  Question: tu écris de où ?
  
  0
Réponse 23 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

Je suis la :)

Clic droit sur post de travail propriété restauration system et coche la case !

Ensuite repost un scan bitdéfender stp
0
1. Apoutchy Messages postés 23 Statut Membre
  
  Est-ce que tu veux que je prenne le même processus pour le faire ... cad en mode échec
  
  0
2. Apoutchy Messages postés 23 Statut Membre
  
  Voilà le rapport: tout est beau
  1) Je n'ai pas encore de clé d'activation valide ... est-ce pour cette raison que mon ordi est très très long à démarrer (2 min) ?
  
  Malwarebytes' Anti-Malware 1.09
  Version de la base de données: 524
  
  Type de recherche: Examen complet (C:\|)
  Eléments examinés: 72460
  Temps écoulé: 20 minute(s), 41 second(s)
  
  Processus mémoire infecté(s): 0
  Module(s) mémoire infecté(s): 0
  Clé(s) du Registre infectée(s): 0
  Valeur(s) du Registre infectée(s): 0
  Elément(s) de données du Registre infecté(s): 0
  Dossier(s) infecté(s): 0
  Fichier(s) infecté(s): 0
  
  Processus mémoire infecté(s):
  (Aucun élément nuisible détecté)
  
  Module(s) mémoire infecté(s):
  (Aucun élément nuisible détecté)
  
  Clé(s) du Registre infectée(s):
  (Aucun élément nuisible détecté)
  
  Valeur(s) du Registre infectée(s):
  (Aucun élément nuisible détecté)
  
  Elément(s) de données du Registre infecté(s):
  (Aucun élément nuisible détecté)
  
  Dossier(s) infecté(s):
  (Aucun élément nuisible détecté)
  
  Fichier(s) infecté(s):
  (Aucun élément nuisible détecté)
  
  0
Réponse 24 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

Si tu n'as plus de problème tu peux mettre résolus :)
0
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Réponse 25 / 31
Apoutchy Messages postés 23 Statut Membre

Je peux remettre la restauration du système j'imagine
0
Réponse 26 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

Oui mais avant refait un scan bitdefender online une fois le scan fait tu peux remettre ta réstauration
0
Réponse 27 / 31
Apoutchy Messages postés 23 Statut Membre

J'ai refait un scan - tout était ok
Je viens de repartir l'ordi et j'ai eu un message d'erreur que voici

BCCode : 1000007f BCP1 : 00000008 BCP2 : 80042000 BCP3 : 00000000
BCP4 : 00000000 OSVer : 5_1_2600 SP : 1_0 Product : 256_1

Qu'en penses-tu ?
0
Réponse 28 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

L'as tu à chaque démarrage ??

Si tu n'as que une fois c'est pas grave !

Pourrais tu reposter un rapport hijackthis stp
0
1. Apoutchy Messages postés 23 Statut Membre
  
  Pour répondre à ta question: c'est la deuxième fois que je recois ce message
  
  Voici le log de Hijack
  
  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 20:50:33, on 2008-03-25
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  Boot mode: Normal
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  C:\Program Files\Bonjour\mDNSResponder.exe
  C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
  C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
  C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
  C:\WINDOWS\System32\ctfmon.exe
  C:\WINDOWS\System32\msmsgs.exe
  C:\Program Files\iPod\bin\iPodService.exe
  C:\WINDOWS\System32\wpabaln.exe
  C:\Program Files\MSN Messenger\usnsvc.exe
  C:\Program Files\LimeWire\LimeWire.exe
  C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
  C:\Program Files\Mozilla Firefox\firefox.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\anick\download\hijack\HijackThis.exe
  
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
  O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
  O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKLM\..\Run: [Microsoft Oftice] C:\WINDOWS\System32\msmsgs.exe
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Nllf] C:\WINDOWS\?ecurity\s?oolsv.exe
  O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
  O4 - HKCU\..\Run: [Microsoft Oftice] C:\WINDOWS\System32\msmsgs.exe
  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
  O4 - HKCU\..\RunServices: [MS Shell Services] C:\Program Files\Teslain KidLogger\MainWnd.exe -m
  O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
  O4 - HKUS\S-1-5-18\..\Run: [Microsoft Oftice] C:\WINDOWS\System32\msmsgs.exe (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
  O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxuk101YYCA
  O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O8 - Extra context menu item: Search Using Copernic - file://C:\Program Files\Copernic 2000\Search Extension.htm
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
  O9 - Extra button: (no name) - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2000\Copernic.exe
  O9 - Extra 'Tools' menuitem: Launch Copernic - {2A465934-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2000\Copernic.exe
  O9 - Extra button: Copernic - {2A465936-E5F0-11D2-91B5-00104B9C4765} - C:\Program Files\Copernic 2000\Copernic.exe
  O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
  O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
  O16 - DPF: {1B9935E4-8A50-4DD8-BD09-A7518723BF97} (Talisma NetAgent Customer ActiveX Control version 3) - https://intuitcanada.ehosts.net/netagent/objects/custappx3.cab
  O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
  O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
  O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
  O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by136fd.bay136.hotmail.msn.com/activex/HMAtchmt.ocx
  O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
  O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  
  0
Réponse 29 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

ensuite pour virer les fix que je t'ai fait téléchargées:

· Télécharge ToolsCleaner de A.Roshtein sur ton Bureau.
http://pagesperso-orange.fr/AceRothstein/ToolsCleaner2.exe
· Clique sur Recherche et laisse le scan se terminer.
· Clique, sur Suppression pour finaliser.
· Tu peux, si tu le souhaites, te servir des Options facultatives.
· Clique sur Quitter, pour que le rapport puisse se créer.
· Poste moi le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur( C:\).
0
1. Apoutchy Messages postés 23 Statut Membre
  
  Voilà
  
  -->- Recherche:
  
  C:\anick\download\hijack\HijackThis.exe: trouvé !
  C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
  C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
  C:\Documents and Settings\XXXXX\Bureau\HijackThis.lnk: trouvé !
  C:\Documents and Settings\XXXXX\Bureau\SDFIX: trouvé !
  C:\Documents and Settings\XXXXX\Bureau\SDFIX\SdFix.exe: trouvé !
  C:\Documents and Settings\XXXXX\Bureau\SDFIX\SDFIX: trouvé !
  
  ---------------------------------
  -->- Suppression:
  
  C:\anick\download\hijack\HijackThis.exe: ERREUR DE SUPPRESSION !!
  C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
  C:\Documents and Settings\XXXXX\Bureau\HijackThis.lnk: supprimé !
  C:\Documents and Settings\XXXXX\Bureau\SDFIX\SdFix.exe: supprimé !
  C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
  C:\Documents and Settings\XXXXX\Bureau\SDFIX: supprimé !
  
  Fichiers temporaires nettoyés !
  Sauvegarde du registre crée !
  
  0
Réponse 30 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

As tu enregistré ta version ??

C:\WINDOWS\System32\wpabaln.exe ... ceci veux dire l'activation de windows donc tu ne l'a pas activé ?

Te sert tu de

O4 - HKCU\..\RunServices: [MS Shell Services] C:\Program Files\Teslain KidLogger\MainWnd.exe -m

Sais tu au moins ce que c'est ? c'est pour surveiller ce que font les enfants sur le pc

Tiens moi au courant
0
1. Apoutchy Messages postés 23 Statut Membre
  
  Tu as raison, je n'ai pas encore activé Windows HP - la clé d'activation n'était plus bonne. Je viais aller acheter Windows HP -(mais ça brise le coeur de mettre mon argent sur ça). Est-ce la raison qui explique que le démarrage soit si lent ?
  
  Et oui, je me sers de 04 et oui je savais que ce c'était.
  
  Je n'ai pas encore pris le temps de te remercier pour tout ce que tu as fait pour moi! Merci beaucoup beaucoup. Je me sens entièrement en confiance quand tu me fais faire toute ces manoeuvres sur l'ordi.
  
  Si c'est possible, j'aimerais bien avoir ton e-mail ... au cas ou ?
  
  0
Réponse 31 / 31
••RiverToo•• Messages postés 1098 Statut Membre 53

Ok jte l'est envoyé par Mp
0

Hijack This logfile - Page 2

Discussions similaires

Newsletters