Sujet Précédent Sujet Suivant

Fenetres intempestives!! au secour

Résolu
Aimeroad -  
jfkpresident Messages postés 13877 Statut Contributeur sécurité -
Bonjour,

Je vous ecri car j'ai un gros problèmes de fenetres intempestives toutes les 2-3 minutes une fenetre s'ouvre parfois c'est pour

-des jeux
-du casino
-la musique de Lea Soprano avec la piste musicale ..

mais j'ai aussi le droit a un "scan en ligne" de mon ordinateur : (je sais que c'est au contraire pour me mettre un virus) donc j'y met fin le plus vite possible mais plusieurs petits cadre m'empeche d'y mettre fin des de depart !

Bref quelque chose de trés embettant jai donc mis cccleaner ad ware antimalwares etc mais rien y fait

Pourriez vous m'aidez?

15 réponses

Réponse 1 / 15
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
salut ;

1) télécharge hijackthis ici: http://www.infos-du-net.com/telecharger/HijackThis,0301-454.html
ceci est un outil pour diagnostiquer ton pc .

*.Enregistre HJTInstall.exe sur ton bureau
*. Double-clique sur HJTInstall.exe pour lancer le programme
*. Par défaut, il s'installera là C:\Program Files\Trend Micro\HijackThis
*. Accepte la license en cliquant sur le bouton "I Accept"
*. Choisis l'option "Do a system scan and save a log file"
*. Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
*. Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport
*. Colle le rapport que tu viens de copier sur ce forum
*. Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement

tutoriel générer un rapport
0
Aimeroad
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:30:20, on 12/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\sabri\Local Settings\Temporary Internet Files\Content.IE5\0UTCJAAD\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {408041ab-5adb-49ea-e594-7a964d38b56c} - {c65b83d4-69a7-495e-ae94-bda5ba140804} - C:\WINDOWS\system32\wbfpqnes.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\tcntnkdm.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jmwnw64j.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D16524B-A641-4358-B007-67672FCB77F2}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
0
Réponse 2 / 15
twister2 Messages postés 223 Statut Membre 43
 
bonjour Aimeroad

a tu hi jack this ?@+
0
Réponse 3 / 15
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
ok ,tu vas passer MBAM comme ceci :

1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

https://www.malwarebytes.com/

3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

7) Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

12) Ferme MBAM en cliquant sur Quitter.

13) Poste le rapport dans ta réponse
0
Aimeroad
 
Ok je vais faire la mani'p merci encore d'aider des gens nuls comme moi .. :D
0
Réponse 4 / 15
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
pas de soucis ,personne n'est nul .

si je ne te repond pas de suite ne t'inquiete pas .

@+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
Aimeroad
 
Malwarebytes' Anti-Malware 1.20
Database version: 942
Windows 5.1.2600 Service Pack 2

18:16:55 12/07/2008
mbam-log-7-12-2008 (18-16-49).txt

Scan type: Quick Scan
Objects scanned: 45426
Time elapsed: 6 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 107

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Live_TV (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR (Trojan.DNSChanger) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss (Adware.Agent) -> No action taken.

Files Infected:
C:\Program Files\Conduit\Community Alerts\Alert.dll (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LanguagePack.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LocalSettings.txt (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\update.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704873171_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704954281_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705002703_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705048421_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1726743250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1256613422_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261397407_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261604610_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261648438_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261680579_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261753360_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1577740313_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654805953_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654851750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654907953_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654933765_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654998359_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655031109_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655058906_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656751625_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656821750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656942875_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656997125_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_2874025610_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633221399649200000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633228307343731250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633326653764656250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826503985_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826551297_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1611650343_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1616510062_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256574750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256594985_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1477248454_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633211004690737500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304820925000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304996393750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305088425000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305474518750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330971739800000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330972241050000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633331064265893750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334935238506250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334936122256250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633337122220256250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633341279781868750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633345715223081250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633347941246337500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633365400471793750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370501944487500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370502646050000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503086987500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503363393750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503915581250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370508754175000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633388930702656250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633403616553356250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633408244235556480_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412028391693750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412030147631250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229032318750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229191225000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230104818750_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230243256250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412259605756250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633420454475400000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332012262500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332096481250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332581637500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332672731250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332808825000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332932262500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447333047106250_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633463264160275000_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_735535110_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_999644891_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_Email-04orange_gif-Colorized-633323306911237500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_PopUpBlocker-21_gif-comic02-633323306370612500_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_bankimages_commandcomps_block_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_ClientImages_radio_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16green_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16red_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss03x16blue_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_images_search_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_news_search_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_site_search_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_weather_search_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_dis_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_icon_gif.gif (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Adware.Agent) -> No action taken.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\saslc=0&floc=1&sabfmts=2&saprclo=150&sascs=2&saprchi=550&saaff=afepn&ftrv=8&fbfmt=1&ftrt=1&fcl=3&ft=1&frpp=50&customid=&nojspr=y&satitle=new&afmp=&sacat=293&saslop=1&fss=0.xml (Adware.Agent) -> No action taken.
C:\WINDOWS\BM6bd8bcf5.xml (Trojan.Vundo) -> No action taken.
C:\WINDOWS\BM6bd8bcf5.txt (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> No action taken.
0
Réponse 6 / 15
Aimeroad
 
et aprés suppression :

Malwarebytes' Anti-Malware 1.20
Database version: 942
Windows 5.1.2600 Service Pack 2

18:17:08 12/07/2008
mbam-log-7-12-2008 (18-17-08).txt

Scan type: Quick Scan
Objects scanned: 45426
Time elapsed: 6 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 107

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss (Adware.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Conduit\Community Alerts\Alert.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LanguagePack.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\LocalSettings.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\update.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704873171_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1704954281_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705002703_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1705048421_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_-1726743250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1256613422_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261397407_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261604610_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261648438_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261680579_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1261753360_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1577740313_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654805953_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654851750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654907953_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654933765_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1654998359_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655031109_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1655058906_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656751625_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656821750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656942875_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_1656997125_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_2874025610_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633221399649200000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633228307343731250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_633326653764656250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826503985_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_63_136_CT1360763_Images_826551297_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1611650343_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_-1616510062_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256574750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1256594985_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_1477248454_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633211004690737500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304820925000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323304996393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305088425000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633323305474518750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330971739800000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633330972241050000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633331064265893750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334935238506250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633334936122256250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633337122220256250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633341279781868750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633345715223081250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633347941246337500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633365400471793750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370501944487500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370502646050000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503086987500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503363393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370503915581250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633370508754175000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633388930702656250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633403616553356250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633408244235556480_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412028391693750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412030147631250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229032318750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412229191225000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230104818750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412230243256250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633412259605756250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633420454475400000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332012262500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332096481250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332581637500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332672731250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332808825000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447332932262500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633447333047106250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_633463264160275000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_735535110_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_999644891_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_Email-04orange_gif-Colorized-633323306911237500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___storage_conduit_com_65_64_CT649865_Images_PopUpBlocker-21_gif-comic02-633323306370612500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_bankimages_commandcomps_block_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_ClientImages_radio_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16green_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16red_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss01x16_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_rssImages_rrs16Images_rss03x16blue_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_images_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_news_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_site_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_Images_SearchEngines_weather_search_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_dis_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_icon_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\sabri\Local Settings\Application Data\Live_TV\rss\saslc=0&floc=1&sabfmts=2&saprclo=150&sascs=2&saprchi=550&saaff=afepn&ftrv=8&fbfmt=1&ftrt=1&fcl=3&ft=1&frpp=50&customid=&nojspr=y&satitle=new&afmp=&sacat=293&saslop=1&fss=0.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\BM6bd8bcf5.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM6bd8bcf5.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
0
Réponse 7 / 15
Aimeroad
 
Ca continue quand meme :(
0
Réponse 8 / 15
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
recolle moi un nouveau log hijackthis .
0
Réponse 9 / 15
SaPasseOuSaBug Messages postés 44 Statut Membre 6
 
Coucou.
Pubs de casino?
Navilog!

Clique sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Clique sur navilog1.exe pour télécharger navilog1
Choisis Enregistrer

et enregistre-le sur ton bureau.

Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le bloc note va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le bloc note.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
poste les rapports obtenus

Ici si tu veut tu peut avoir antivir prenium gratuit. Et donc virer les autres logiciels antimalwares. Sa te laisse plus de ressources pour ton pc.
http://www.commentcamarche.net/telecharger/telecharger 34055402 avira antivir premium

Télécharge advance windows care, installe et Scan, réparer.
https://www.iobit.com/en/advancedsystemcarefree.php?Str=download

Voila, manque plus qu'un vrai mur de feu:
https://www.malekal.com/tutorial-et-guide-counterspy/

Poste le rapport navilog.
0
Réponse 10 / 15
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
pour info: les pubs casinos ne sont pas toujours du a l'adware navipromo il peut s'agir aussi d'une infection de type Vundo comme le montre le log hijack ainsi que MBAM :

C:\WINDOWS\BM6bd8bcf5.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM6bd8bcf5.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

Aimeroad: j'attend le nouveau log hijack .
0
Réponse 11 / 15
Aimeroad
 
Merci mais navilog je l'ai telechargé etc choisi francai et appuyer sur 1 mais il ne demarre pas ...

du moins il n'y a qu'un debut et il me dise " cela peut prendre plusieurs minutes " mais ca n'avance jamais

Je vais faire un rapport hijackthis
0
Réponse 12 / 15
Aimeroad
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:34:32, on 13/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\sabri\Local Settings\Temporary Internet Files\Content.IE5\VEHESU0G\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {408041ab-5adb-49ea-e594-7a964d38b56c} - {c65b83d4-69a7-495e-ae94-bda5ba140804} - C:\WINDOWS\system32\wbfpqnes.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\tcntnkdm.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jmwnw64j.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D16524B-A641-4358-B007-67672FCB77F2}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
0
Réponse 13 / 15
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
salut désolé du retard ;

-> Relance HijackThis cliques sur « scanner seulement » ou (« do a scan only »),
coche les cases devant ces lignes :

O2 - BHO: {408041ab-5adb-49ea-e594-7a964d38b56c} - {c65b83d4-69a7-495e-ae94-bda5ba140804} - C:\WINDOWS\system32\wbfpqnes.dll
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)

et ensuite ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus,
puis clique "Fix checked"( ou « fixer objet »). Ferme HijackThis!

La console Java n'est pas à jour: https://www.java.com/fr/download/
Clique sur Download Latest Version

Clique sur Download Latest Version puis installe java.
En fin d'installation, revient sur la page pour vérifier ton installation.
Quand l'installation a réussi, ouvre le panneau de configuration >
Ajout/suppression de programmes et supprimes les anciennes versions (de java) afin d’éliminer les failles de sécurité présentes dans ces anciennes versions.
Fais cela pour chacune d'elle, une a une, fais redémarrer ton PC quand cela te le sera demandé .
Tu gardes la Java\jre1.6.0_05 !

dis moi ensuite si tu as encore des problemes ?

0
Réponse 14 / 15
Aimeroad
 
Apparement les probleme se sont arrété :D Un grand merci a toi jfkpresident pour tout tes bons conseils et bien detaillé :D

Ca fai du bien de pas etre épié toutes les 30 secondes désormais
0
Réponse 15 / 15
jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
 
ravi d'avoir pu t'aider .

Bon surf !
0

Discussions similaires

Afficher deux fenêtres côte à côte
ptitchinoise -
pistouri -

11 réponses
Problème de clavier, des fenêtre s'ouvrent !!
Lyon691D -
tanteelise -

5 réponses
Mon ordinateur ouvre des pages du bureau tout seul
Tanguy -
Tanguy -

9 réponses
Mon pc ouvre des fenetres tout seul
ilvyans -
bugiuglg -

25 réponses
Clavier ouvre raccourcis
angellee -
Clemence -

11 réponses