Fenetres intempestives!! au secour

Résolu
Aimeroad -  
jfkpresident Messages postés 13877 Statut Contributeur sécurité -
Bonjour,

Je vous ecri car j'ai un gros problèmes de fenetres intempestives toutes les 2-3 minutes une fenetre s'ouvre parfois c'est pour

-des jeux
-du casino
-la musique de Lea Soprano avec la piste musicale ..

mais j'ai aussi le droit a un "scan en ligne" de mon ordinateur : (je sais que c'est au contraire pour me mettre un virus) donc j'y met fin le plus vite possible mais plusieurs petits cadre m'empeche d'y mettre fin des de depart !

Bref quelque chose de trés embettant jai donc mis cccleaner ad ware antimalwares etc mais rien y fait

Pourriez vous m'aidez?
Configuration: Windows XP
Internet Explorer 7.0

15 réponses

  1. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    salut ;

    1) télécharge hijackthis ici: http://www.infos-du-net.com/telecharger/HijackThis,0301-454.html
    ceci est un outil pour diagnostiquer ton pc .

    *.Enregistre HJTInstall.exe sur ton bureau
    *. Double-clique sur HJTInstall.exe pour lancer le programme
    *. Par défaut, il s'installera là C:\Program Files\Trend Micro\HijackThis
    *. Accepte la license en cliquant sur le bouton "I Accept"
    *. Choisis l'option "Do a system scan and save a log file"
    *. Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
    *. Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
    *. Colle le rapport que tu viens de copier sur ce forum
    *. Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement

    tutoriel générer un rapport
    0
    1. Aimeroad
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 17:30:20, on 12/07/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16640)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\PROGRA~1\Wanadoo\CnxMon.exe
      C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
      C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
      C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
      C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
      C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
      C:\PROGRA~1\Wanadoo\ComComp.exe
      C:\PROGRA~1\Wanadoo\Watch.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Windows Media Player\wmplayer.exe
      C:\Documents and Settings\sabri\Local Settings\Temporary Internet Files\Content.IE5\0UTCJAAD\HiJackThis[1].exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: {408041ab-5adb-49ea-e594-7a964d38b56c} - {c65b83d4-69a7-495e-ae94-bda5ba140804} - C:\WINDOWS\system32\wbfpqnes.dll
      O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
      O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
      O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
      O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\tcntnkdm.exe
      O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jmwnw64j.exe
      O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{9D16524B-A641-4358-B007-67672FCB77F2}: NameServer = 80.10.246.130 80.10.246.3
      O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
      O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
      O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
      0
  2. twister2 Messages postés 223 Statut Membre 44
     
    bonjour Aimeroad

    a tu hi jack this ?@+
    0
  3. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    ok ,tu vas passer MBAM comme ceci :

    1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

    https://www.malwarebytes.com/

    3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

    4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

    5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

    6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

    7) Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

    8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

    9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

    10) Si des malwares ont été détectés, leur liste s'affiche.
    En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

    11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

    12) Ferme MBAM en cliquant sur Quitter.

    13) Poste le rapport dans ta réponse
    0
    1. Aimeroad
       
      Ok je vais faire la mani'p merci encore d'aider des gens nuls comme moi .. :D
      0
  4. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    pas de soucis ,personne n'est nul .

    si je ne te repond pas de suite ne t'inquiete pas .

    @+
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Aimeroad
     
    Malwarebytes' Anti-Malware 1.20
    Database version: 942
    Windows 5.1.2600 Service Pack 2

    18:16:55 12/07/2008
    mbam-log-7-12-2008 (18-16-49).txt

    Scan type: Quick Scan
    Objects scanned: 45426
    Time elapsed: 6 minute(s), 31 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 6
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 4
    Files Infected: 107

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (Adware.Agent) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Live_TV (Adware.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Adware.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR (Trojan.DNSChanger) -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> No action taken.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss (Adware.Agent) -> No action taken.

    Files Infected:
    C:\Program Files\Conduit\Community Alerts\Alert.dll (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LanguagePack.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LocalSettings.txt (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\update.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704873171_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704954281_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705002703_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705048421_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1726743250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1256613422_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261397407_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261604610_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261648438_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261680579_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261753360_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1577740313_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654805953_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654851750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654907953_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654933765_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654998359_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655031109_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655058906_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656751625_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656821750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656942875_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656997125_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_2874025610_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633221399649200000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633228307343731250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633326653764656250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826503985_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826551297_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1611650343_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1616510062_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256574750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256594985_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1477248454_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633211004690737500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304820925000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304996393750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305088425000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305474518750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330971739800000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330972241050000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633331064265893750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334935238506250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334936122256250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633337122220256250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633341279781868750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633345715223081250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633347941246337500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633365400471793750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370501944487500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370502646050000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503086987500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503363393750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503915581250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370508754175000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633388930702656250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633403616553356250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633408244235556480_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412028391693750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412030147631250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229032318750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229191225000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230104818750_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230243256250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412259605756250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633420454475400000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332012262500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332096481250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332581637500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332672731250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332808825000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332932262500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447333047106250_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633463264160275000_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_735535110_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_999644891_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_Email-04orange_gif-Colorized-633323306911237500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_PopUpBlocker-21_gif-comic02-633323306370612500_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_bankimages_commandcomps_block_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_ClientImages_radio_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16green_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16red_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss03x16blue_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_images_search_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_news_search_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_site_search_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_weather_search_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_dis_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_icon_gif.gif (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Adware.Agent) -> No action taken.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\saslc=0&floc=1&sabfmts=2&saprclo=150&sascs=2&saprchi=550&saaff=afepn&ftrv=8&fbfmt=1&ftrt=1&fcl=3&ft=1&frpp=50&customid=&nojspr=y&satitle=new&afmp=&sacat=293&saslop=1&fss=0.xml (Adware.Agent) -> No action taken.
    C:\WINDOWS\BM6bd8bcf5.xml (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\BM6bd8bcf5.txt (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> No action taken.
    0
  7. Aimeroad
     
    et aprés suppression :

    Malwarebytes' Anti-Malware 1.20
    Database version: 942
    Windows 5.1.2600 Service Pack 2

    18:17:08 12/07/2008
    mbam-log-7-12-2008 (18-17-08).txt

    Scan type: Quick Scan
    Objects scanned: 45426
    Time elapsed: 6 minute(s), 31 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 6
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 4
    Files Infected: 107

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss (Adware.Agent) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Program Files\Conduit\Community Alerts\Alert.dll (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LanguagePack.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LocalSettings.txt (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\update.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704873171_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704954281_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705002703_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705048421_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1726743250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1256613422_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261397407_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261604610_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261648438_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261680579_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261753360_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1577740313_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654805953_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654851750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654907953_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654933765_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654998359_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655031109_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655058906_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656751625_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656821750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656942875_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656997125_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_2874025610_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633221399649200000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633228307343731250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633326653764656250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826503985_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826551297_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1611650343_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1616510062_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256574750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256594985_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1477248454_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633211004690737500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304820925000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304996393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305088425000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305474518750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330971739800000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330972241050000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633331064265893750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334935238506250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334936122256250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633337122220256250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633341279781868750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633345715223081250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633347941246337500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633365400471793750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370501944487500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370502646050000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503086987500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503363393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503915581250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370508754175000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633388930702656250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633403616553356250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633408244235556480_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412028391693750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412030147631250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229032318750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229191225000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230104818750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230243256250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412259605756250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633420454475400000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332012262500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332096481250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332581637500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332672731250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332808825000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332932262500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447333047106250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633463264160275000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_735535110_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_999644891_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_Email-04orange_gif-Colorized-633323306911237500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_PopUpBlocker-21_gif-comic02-633323306370612500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_bankimages_commandcomps_block_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_ClientImages_radio_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16green_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16red_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss03x16blue_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_images_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_news_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_site_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_weather_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_dis_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_icon_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\saslc=0&floc=1&sabfmts=2&saprclo=150&sascs=2&saprchi=550&saaff=afepn&ftrv=8&fbfmt=1&ftrt=1&fcl=3&ft=1&frpp=50&customid=&nojspr=y&satitle=new&afmp=&sacat=293&saslop=1&fss=0.xml (Adware.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM6bd8bcf5.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM6bd8bcf5.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    0
  8. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    recolle moi un nouveau log hijackthis .
    0
  9. SaPasseOuSaBug Messages postés 44 Statut Membre 6
     
    Coucou.
    Pubs de casino?
    Navilog!

    Clique sur ce lien :
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
    Clique sur navilog1.exe pour télécharger navilog1
    Choisis Enregistrer

    et enregistre-le sur ton bureau.

    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis 1 et valides.
    (ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***
    Appuie sur une touche comme demandé, le bloc note va s'ouvrir.
    Copie-colle l'intégralité dans une réponse. Referme le bloc note.
    Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
    poste les rapports obtenus

    Ici si tu veut tu peut avoir antivir prenium gratuit. Et donc virer les autres logiciels antimalwares. Sa te laisse plus de ressources pour ton pc.
    http://www.commentcamarche.net/telecharger/telecharger 34055402 avira antivir premium

    Télécharge advance windows care, installe et Scan, réparer.
    https://www.iobit.com/en/advancedsystemcarefree.php?Str=download

    Voila, manque plus qu'un vrai mur de feu:
    https://www.malekal.com/tutorial-et-guide-counterspy/

    Poste le rapport navilog.
    0
  10. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    pour info: les pubs casinos ne sont pas toujours du a l'adware navipromo il peut s'agir aussi d'une infection de type Vundo comme le montre le log hijack ainsi que MBAM :

    C:\WINDOWS\BM6bd8bcf5.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\BM6bd8bcf5.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.


    Aimeroad: j'attend le nouveau log hijack .
    0
  11. Aimeroad
     
    Merci mais navilog je l'ai telechargé etc choisi francai et appuyer sur 1 mais il ne demarre pas ...

    du moins il n'y a qu'un debut et il me dise " cela peut prendre plusieurs minutes " mais ca n'avance jamais

    Je vais faire un rapport hijackthis
    0
  12. Aimeroad
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:34:32, on 13/07/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
    C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\sabri\Local Settings\Temporary Internet Files\Content.IE5\VEHESU0G\HiJackThis[1].exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: {408041ab-5adb-49ea-e594-7a964d38b56c} - {c65b83d4-69a7-495e-ae94-bda5ba140804} - C:\WINDOWS\system32\wbfpqnes.dll
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\tcntnkdm.exe
    O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jmwnw64j.exe
    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9D16524B-A641-4358-B007-67672FCB77F2}: NameServer = 80.10.246.130 80.10.246.3
    O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    0
  13. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    salut désolé du retard ;

    -> Relance HijackThis cliques sur « scanner seulement » ou (« do a scan only »),
    coche les cases devant ces lignes :

    O2 - BHO: {408041ab-5adb-49ea-e594-7a964d38b56c} - {c65b83d4-69a7-495e-ae94-bda5ba140804} - C:\WINDOWS\system32\wbfpqnes.dll
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)


    et ensuite ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus,
    puis clique "Fix checked"( ou « fixer objet »). Ferme HijackThis!

    La console Java n'est pas à jour: https://www.java.com/fr/download/
    Clique sur Download Latest Version

    Clique sur Download Latest Version puis installe java.
    En fin d'installation, revient sur la page pour vérifier ton installation.
    Quand l'installation a réussi, ouvre le panneau de configuration >
    Ajout/suppression de programmes et supprimes les anciennes versions (de java) afin d’éliminer les failles de sécurité présentes dans ces anciennes versions.
    Fais cela pour chacune d'elle, une a une, fais redémarrer ton PC quand cela te le sera demandé .
    Tu gardes la Java\jre1.6.0_05 !

    dis moi ensuite si tu as encore des problemes ?

    0
  14. Aimeroad
     
    Apparement les probleme se sont arrété :D Un grand merci a toi jfkpresident pour tout tes bons conseils et bien detaillé :D

    Ca fai du bien de pas etre épié toutes les 30 secondes désormais
    0
  15. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    ravi d'avoir pu t'aider .

    Bon surf !
    0