Votre question

Infécté par des trojan(fakealert) et (dowlander)

Tags :
  • Trojan
  • Sécurité
Dernière réponse : dans Sécurité et virus
1 Septembre 2008 16:02:03

bonjour se matin en allent sur ma messagerie j'ai supprimer tous les mail que je connaissé pas une fous la corbeil vider de ma messagerie, les mot "VIRUS ALERT!" se sont affiché juste a coté de l'heure pius mon anti-virus"bit defender" ma affiché un message pour autorissé le virus a entré sur mon ordinateur je nais pas eu le temp de cliké sur non que la fenettre ses fermé jai lancer des analyse sans succée puis je ne peut pas allez dans poste de travail plus d'icone dans démarrer plus d'icone aussi je ne peut pas allez voir tous les programe je peut juste arrété l'ordinateur, da sur le bureau a la place des icone poste de travail est msn et steam(jeu) il y a MS anti-virus, Error Cleaner, Privacy protector, Spyware&malware protection est j'ai esseyé de voire les application quand je les lance mon anti-virus m'informe qu'il a bloké le trojan.fakealert, dans ma quarentaine jai les trojan suivant : trojan.fakealert.ABA, trojan.PATCHED.CK. les seul application qui marche ses BitDefender.

Autres pages sur : infecte trojan fakealert dowlander

1 Septembre 2008 16:11:35

désolé pour les faute d'ortographe, jai réussi a allez dans poste de travail mais le disk dur est pas affichez juste les disk amovible je ne kompren rien jai vremen besion daide si vou ne komprenez rien possez moi des kestion merci :cry:  :cry:  :cry:  :sweat:  :sweat:  je ne sais plus comment faire
a b 8 Sécurité
1 Septembre 2008 16:55:04

Merci d'écrire correctement !

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Contenus similaires
1 Septembre 2008 19:48:47

tien voila mon rapport Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:48:04, on 01/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sunbelt Software\iHateSpam\siService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Sunbelt Software\iHateSpam\siSpamFilterEngine.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Orange\systray\systrayapp.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: Microsoft MSJava 32 - {43F7497C-7687-4DEA-A057-F21BD81BC896} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: QXK Olive - {7AFF0558-B4DF-4D98-B741-60169574D2D1} - C:\WINDOWS\vanwxemgqep.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [siService.exe] "C:\Program Files\Sunbelt Software\iHateSpam\siService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.c...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAD...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O21 - SSODL: xrdwbfgn - {BB849D2B-915F-486E-81F9-92720E9F7E8A} - C:\WINDOWS\xrdwbfgn.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 13084 bytes
a b 8 Sécurité
1 Septembre 2008 20:08:27

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    2 Septembre 2008 07:04:59

    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1103
    Windows 5.1.2600 Service Pack 2

    02:37:37 02/09/2008
    mbam-log-09-02-2008 (02-37-32).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 156928
    Temps écoulé: 5 hour(s), 43 minute(s), 28 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 121
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 6
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 28

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{8abe4dbe-80f1-45cc-8592-de0bcf78c32c} (Trojan.Zlob) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdssserv (Rootkit.Agent) -> No action taken.
    HKEY_CLASSES_ROOT\TypeLib\{3d72f15b-24a2-4880-b8e5-7944d2ee4a27} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{0c63fd70-fc74-46f1-ac6c-85f1e47a2e75} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{af9bdb20-9e34-4a79-85cb-37f97a9a9fd2} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{7aff0558-b4df-4d98-b741-60169574d2d1} (Trojan.FakeAlert) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7aff0558-b4df-4d98-b741-60169574d2d1} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{01e20262-53c8-45a2-8b50-2382016765d5} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{04f2149a-9f3e-4eb6-8c0b-e19d726cea7a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{076389bd-7043-445e-8bc7-e3ef1b28ce38} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{07cc8b03-abff-4da7-8a05-bd96081a192b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{0b164ae4-217a-4a12-99e9-7e3547d51ef3} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{11f1960f-55cd-4680-a354-60a783df83d9} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{17e6f39d-c116-44dd-b410-f21d0f171357} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1968b5b7-7a39-477b-ac08-8e12640c8c8c} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1bb8e167-f829-423e-bae4-bcbea03b6c95} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1c5e235b-9376-4a49-a97f-092b43269199} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{2085748a-d7fd-4413-94fd-2ed425d73ffa} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{25f90e9b-91c1-4bfd-a0ed-291650a9bc79} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{26976b5d-3fbc-448e-b857-10b29a68b781} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{2ac7dde4-35aa-4ad3-87a6-78084b23ef5a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{2b3848fc-b48b-4b95-a670-d4aa3bbf4f28} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{3562113a-f8a4-4c61-9cda-8a3d42d0d621} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{3738618a-c8cb-4260-a95a-c513880f695a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{3eb0e391-bf06-474e-80b6-34eef44629d9} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{3ed578ab-361f-47b8-857f-25aa0e4a599c} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{4035c60e-09f1-49bd-97f1-3df38b7e0aae} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{43f4a252-f142-4919-b2a8-14c36aad071f} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{4983b8db-f422-4b79-aa8b-603bc6d3bb7b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{4b84ff8e-bd0c-4a5a-af11-79f9a716673c} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{4bd27a9c-b63d-4a6b-8e81-060afa8ecbf7} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{4cf4b92b-21eb-40e8-b7f0-0bc3982d3351} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{4e9c38e0-999b-4f76-be6c-bb4d0d6c20dd} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{528f6ba0-94b8-44ce-b216-f8a46f81fe40} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{53610fe7-f339-4fd6-b9bb-92984e62192b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{539585db-f8c3-44ba-9c0d-89f46c1fdd63} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{54d449d3-a4cd-4cd9-a27b-6d257b4f1a09} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{58a10483-7f33-40b0-b840-ccefdfa8c32a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{58c1ab07-e4c7-4e2f-9953-3b6b5df086d0} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{5afc767f-a5c0-45a8-a17d-8d0ad215aab3} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{5c2ba8d4-a7ab-47bf-9f22-3689635fd040} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{5e851b98-fdec-4b60-9f28-54b6d102dbf5} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{66b14c36-f7dd-401d-bb78-806bd4337942} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{67571683-a544-418a-a6d5-5967aca32b53} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{69ec2126-492e-49d1-9245-44702cdac975} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{6cfafff9-70db-4b82-8094-317352c9a123} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{7006ffed-1458-4b32-ae13-17178f5e08b6} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{72e3bee5-a8b8-4155-af0e-2dfc1f87610d} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{74da8d88-4a3a-4d41-83eb-88a214ac4529} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{74f4cb5f-4a8f-4a9e-9772-90c6f870ce77} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{7673fde0-dff6-49a5-9550-3cfb4c855c56} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{79445c28-b36a-400d-a49c-a83d0b727157} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{7a650dba-4948-4293-a1d0-cb55103e7b84} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{7d1a458e-d11e-4178-8043-2c7f58d9aad7} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{8478cf4e-12e2-4160-b37c-4842c6085c3b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{8646dcf9-9d76-445b-8ed5-4efcf36f88d1} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{878e4d19-ca0e-4ab2-bf54-672f227a3dcb} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{879b98f2-e0bd-49a1-b7f5-84340e690f3c} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{87e3bc04-7b59-4cc1-abdf-d5a15918d75b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{8c2743f7-6492-4d91-ab5e-f98220f6e705} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{90ea5d3e-7a61-47ac-a68e-dfd250953afe} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{91c1c7a8-5daa-4705-9f74-c7c370a29f5f} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{94ac1ec1-da14-448b-9090-76aa239b024b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{950bce3d-5503-420c-aa10-b2f251f14cf2} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{9922b031-8d91-4a30-89ff-489583194eba} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{9c2d4573-84cc-4514-85e4-be391440b290} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{9c6093a6-3bb3-4c36-91b7-4be1fb177be4} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{9dcad628-cdcd-428f-9b19-083df20302e1} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{9f0d4ec7-6bc7-4901-90d1-c41b7ec44971} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a09bbba7-52cd-4a8a-a4bd-bd86a14a648f} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a2aefc87-6f68-48a0-ae20-ba5e8ef971f7} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a3bc0a40-eb5a-43a5-82f8-48a641102cf3} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a4645d60-a413-45c3-8877-6362a8cb2dc2} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a7b6b1f3-fc61-4375-b370-bfcbf5624aad} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{a8dd1624-c82a-47af-b528-165210079007} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{ad03639b-e1b1-4b46-9768-6dc89fea473b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{ad4d9fa8-dacc-4ff9-936a-bc40ef2888ca} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{b1090ed5-5e2c-42f2-b353-e01011299c4a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{b5444847-4421-45cd-9c62-cd5cbd9b8878} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{b7c9529a-e00a-4d62-a7a7-a150ecd648d3} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{bb849d2b-915f-486e-81f9-92720e9f7e8a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{bd58ea2f-92a2-4970-a401-2933c8c11dad} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c029859e-cf8b-4409-894d-eea05da5ee70} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c0b562e8-133d-4fa9-8230-6707791b0de7} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c296e494-e48a-4b81-a1a1-fbb30f2abf4e} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c312105d-b8d7-4e21-8141-343519c5cba1} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c78026e4-6ea9-42e9-8aa4-a8036817b156} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{caff841e-10ad-4834-b280-8228ec642930} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{cb267c20-687a-43f4-8be2-0dfffd89afe1} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{cfa32d31-41fe-48a7-9235-31fcbe145b21} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d0310650-440c-43de-b25f-39adf261b6d3} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d3b1afe8-88ac-4f14-8bce-f45c205567e5} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d56dfc8a-1438-4718-82b3-6d28510a7aaf} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d6b63aa8-abc2-4b11-b4fd-c8b22d3f1c0e} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d900c638-1653-4be3-a16d-724e82b07a08} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{d9b766f9-4e76-4a03-a22f-74a7932e3aa9} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{da1d80f8-26d8-49fa-8dc9-29d5f969ccdb} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{db3098f0-a54d-43e5-8d2b-7c311a909c7b} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{db4e1861-5434-4158-a893-15c90e021c63} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{db81f262-2ae0-4501-8204-cabf4ccd848f} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{dcff30fe-6bb3-4461-a467-4a3567161288} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{e29c8894-bb4d-4825-b6a6-ceacfafd9540} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{e311c002-b357-4a70-b31c-83c29daa0dc6} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{e7f340b3-5b35-4449-89a7-cc4f7b35a7de} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{ec584ac9-901e-44ed-97d7-8908e3247b22} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{ed9d8799-de32-4bbb-b542-c817acdae6b4} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{eee5cc6a-f2c1-42ff-ba72-a25a4e7022f1} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{eee7da48-a895-4179-b4b5-3f135a58f8d9} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{f3bb08fa-4747-46d6-828e-c4334cfd7aa1} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{f55ee2c5-a1dd-41cb-ad4b-6b34e185c6e3} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{f6af3120-02bd-42f2-9e11-ee30ab01ad56} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{f7f22987-e707-4fe7-a082-4736dd092bd2} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{f99c30c0-ae70-4913-bfd0-976a0fd5623a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{fcf10500-29da-4fc9-b04f-c981e4ee29b7} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{fd4eaa59-53fd-4510-8e59-f0c13b15723a} (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{fe26843f-5e6f-4f8f-87b6-fcb5e6d5b859} (Trojan.FakeAlert) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\gksraemq.bkte (Trojan.FakeAlert) -> No action taken.
    HKEY_CLASSES_ROOT\gksraemq.toolbar.1 (Trojan.FakeAlert) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\xrdwbfgn (Trojan.FakeAlert) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (76412-OEM-0011903-00199) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken.

    Dossier(s) infecté(s):
    C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> No action taken.

    Fichier(s) infecté(s):
    C:\Program Files\PCHealthCenter\0.exe (Trojan.FakeAlert) -> No action taken.
    C:\Program Files\PCHealthCenter\1.exe (Trojan.FakeAlert) -> No action taken.
    C:\Program Files\PCHealthCenter\2.exe (Trojan.FakeAlert) -> No action taken.
    C:\Program Files\PCHealthCenter\3.exe (Trojan.FakeAlert) -> No action taken.
    C:\Program Files\PCHealthCenter\5.exe (Trojan.FakeAlert) -> No action taken.
    C:\Program Files\PCHealthCenter\7.exe (Trojan.FakeAlert) -> No action taken.
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359510.exe (Trojan.FakeAlert) -> No action taken.
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359511.exe (Trojan.FakeAlert) -> No action taken.
    C:\WINDOWS\dgksvbpn.dll (Trojan.Zlob) -> No action taken.
    C:\WINDOWS\egov.exe (Trojan.FakeAlert) -> No action taken.
    C:\WINDOWS\system32\VIE30.exe (Trojan.FakeAlert) -> No action taken.
    C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> No action taken.
    C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> No action taken.
    C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> No action taken.
    C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> No action taken.
    C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> No action taken.
    C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> No action taken.
    C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> No action taken.
    C:\Program Files\MSA\MSA.exe (Rogue.MSAntivirus) -> No action taken.
    C:\Program Files\MSA\msa0.dat (Rogue.MSAntivirus) -> No action taken.
    C:\Program Files\MSA\msa1.dat (Rogue.MSAntivirus) -> No action taken.
    C:\WINDOWS\vanwxemgqep.dll (Trojan.FakeAlert) -> No action taken.
    C:\WINDOWS\xrdwbfgn.dll (Trojan.FakeAlert) -> No action taken.
    C:\WINDOWS\sxmaokgf.exe (Trojan.FakeAlert) -> No action taken.
    C:\WINDOWS\system32\rbwelcvn_navps.dat (Adware.NaviPromo) -> No action taken.
    C:\WINDOWS\system32\rbwelcvn_nav.dat (Adware.NaviPromo) -> No action taken.
    C:\Documents and Settings\Claudine\Bureau\MS Antivirus.lnk (Rogue.Link) -> No action taken.
    C:\Documents and Settings\Claudine\Bureau\Privacy Protector.url (Rogue.Link) -> No action taken.

    2 Septembre 2008 16:40:40

    apres cette analyse jai toujour plien d'alerte me disant qu'il a bloké un trojan quand je lance une analyse bitdefender trouve 34 menace qu'il ne peut pas supprimer comment puije faire merci d'avance je suis désésspéré tu est ma derniere chance AngelDark
    a b 8 Sécurité
    2 Septembre 2008 17:35:09

    Tu as bien supprimé les infections avec MBAM ?
    2 Septembre 2008 18:03:02

    oui je vais mettre a jour instalé la deniere version est je recomence dans 5 heures je te donne de mes nouvelles merci beaucoup !
    a b 8 Sécurité
    2 Septembre 2008 18:17:16

    Ok.
    2 Septembre 2008 18:20:03

    Désolé pour double poste mais demain j'ai entrénement de rugby j'étin mon pc pour pouvoire dormire correctement cette nuit voila jte donne sa demain merci a+
    a b 8 Sécurité
    2 Septembre 2008 18:22:36

    No prob.
    4 Septembre 2008 18:07:07

    Désolé pour le retard la rentré du lycée ma occupé pendant tou mon temp libre
    Malwarebytes' Anti-Malware 1.26
    Version de la base de données: 1103
    Windows 5.1.2600 Service Pack 2

    04/09/2008 01:39:11
    mbam-log-2008-09-04 (13-39-08).txt

    Type de recherche: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|)
    Eléments examinés: 154652
    Temps écoulé: 2 hour(s), 22 minute(s), 8 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 6

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359520.exe (Trojan.FakeAlert) -> No action taken.
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359519.exe (Trojan.FakeAlert) -> No action taken.
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359523.exe (Trojan.FakeAlert) -> No action taken.
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359525.dll (Trojan.Zlob) -> No action taken.
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359526.exe (Trojan.FakeAlert) -> No action taken.
    C:\System Volume Information\_restore{9BD1E2A9-38A1-4417-9D2D-F598174C7603}\RP833\A0359527.exe (Trojan.FakeAlert) -> No action taken.
    a b 8 Sécurité
    4 Septembre 2008 18:27:01

    Tu as bien supprimé les infections ?
    4 Septembre 2008 21:29:31

    oui sa a l'aire de bien fonctioné c'etai la derniere etapes ?
    a b 8 Sécurité
    5 Septembre 2008 18:14:21

    Nan, reposte un rapport Hijackthis.
    7 Septembre 2008 17:45:54

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:43:27, on 07/09/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Sunbelt Software\iHateSpam\siService.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Sunbelt Software\iHateSpam\siSpamFilterEngine.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Microsoft MSJava 32 - {43F7497C-7687-4DEA-A057-F21BD81BC896} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
    O4 - HKLM\..\Run: [siService.exe] "C:\Program Files\Sunbelt Software\iHateSpam\siService.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe (User 'Default user')
    O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O15 - Trusted Zone: http://www.orange.fr
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.c...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAD...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
    O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 12326 bytes
    a b 8 Sécurité
    7 Septembre 2008 18:12:57

    Re,

    Fix les lignes dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    O2 - BHO: Microsoft MSJava 32 - {43F7497C-7687-4DEA-A057-F21BD81BC896} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    7 Septembre 2008 20:40:52

    Je les fait merci pour tes conseile que faut t-il fair ensuite ?
    7 Septembre 2008 21:03:16

    est pour celle_ci ?
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
    a b 8 Sécurité
    8 Septembre 2008 16:59:22

    Il faut les laisser. Reposte un rapport Hijackthis.
    8 Septembre 2008 19:09:29

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:09:19, on 08/09/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Sunbelt Software\iHateSpam\siService.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\Program Files\Sunbelt Software\iHateSpam\siSpamFilterEngine.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\orange\Launcher\Launcher.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
    C:\Program Files\Orange\systray\systrayapp.exe
    C:\Program Files\Orange\connectivity\connectivitymanager.exe
    C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
    O4 - HKLM\..\Run: [siService.exe] "C:\Program Files\Sunbelt Software\iHateSpam\siService.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-18 Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe (User 'Default user')
    O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O15 - Trusted Zone: http://www.orange.fr
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.c...
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAD...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
    O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 12701 bytes
    a b 8 Sécurité
    8 Septembre 2008 20:00:40

    D'autres soucis ?
    a b 8 Sécurité
    9 Septembre 2008 12:54:28

    Bon surf.
    5 Novembre 2008 12:25:02

    Bonjour moi aussi j'ai a peu pres le meme probleme le bouclier rouge avec la croix qui flood "you have a security problem" j'ai deja essayer de l'effacé j'ai stop son processus mais rien je sais plus quoi faire x_x si quelqu'un pouvais m'aider sa serais cool ^^
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS