|
|  | | 
|
|
|
| | melissa$ melissa
14/01 :: 23:38
Anonyme
| | Bonjour,
J'ai chopé un virus qui s'appelle MyRealPics. Du moins c'est le nom du fichier qui s'incruste dans "mes favoris" et qui m'ouvre des pages internet de façon intempestive. J'ai Windows 2000 et Norton mais y'a rien à faire quand je veux le supprimer il me dit que les fichier n'existe pas.
Bravo à celui qui me trouvera la réponse ça fait un môment que je cherche
@+ melissa | |
| Scarabee$2003165 Scarabee
15/01 :: 08:15
Membre acharné
| | Ce genre de pratique rappelle plutôt un spyware ou assimilé mais pas spécialement un virus.
As-tu essayé Spybot S&D ??
Si cela ne fonctionne pas : HijjackThis, tu trouveras la manière de proceder ici...
Bis repetita placent... | |
| habana$ habana
16/01 :: 13:48
Admin
| | Essaie avec CWShredder dispo ici
http://merijn.org/downloads.html
(je l'ajoute bientôt en section téléchargement) | |
| melissa$ melissa
20/01 :: 22:11
Anonyme
| | Merci beaucoup a ceux qui ont répondu.
J'ai essayé CWShredder mais ça marche pas pour Myrealpics.
J'ai essayé Spybot mais après le scan je sais pas trop comment faire. En tout cas voici le résultat :
Bargain Buddy: Autorun settings (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bargains
CarpeDiem Vars: RAS profile (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Montorgueil
CoolWWWSearch: IE Search assistent (Modification du registre, nothing done)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant=about:blank
CoolWWWSearch: IE Search bar (Modification du registre, nothing done)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar=about:blank
CoolWWWSearch: IE Search page (Modification du registre, nothing done)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page=http://www.google.com
CoolWWWSearch: IE Search url #1 (Modification du registre, nothing done)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL=http://www.google.com
CoolWWWSearch: IE Start page (Modification du registre, nothing done)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page=about:blank
DSO Exploit: Data source object exploit (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004=W=3
InternetWasher: File extension (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\.te
NewsUpdate: Ad settings (Clé du registre, nothing done)
HKEY_LOCAL_MACHINE\Software\Creative Tech\Software Installed\News
NewsUpdate: Class (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CTMARQ.CTMarqCtrl.1
NewsUpdate: Class ID ( (CTMarq Property Page)) (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{C1B43B82-8B3C-11D4-B615-00A0C98E9F5B}
NewsUpdate: Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{C1B43B81-8B3C-11D4-B615-00A0C98E9F5B}
NewsUpdate: Interface ( (_DCTMarqEvents)) (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\Interface\{C1B43B80-8B3C-11D4-B615-00A0C98E9F5B}
NewsUpdate: Interface ( (_DCTMarq)) (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\Interface\{C1B43B7F-8B3C-11D4-B615-00A0C98E9F5B}
NewsUpdate: Program directory (Répertoire, nothing done)
C:\Program Files\Creative\News
NewsUpdate: Typelib (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\Typelib\{C1B43B7E-8B3C-11D4-B615-00A0C98E9F5B}
WebDialer: Class ID (Clé du registre, nothing done)
HKEY_CLASSES_ROOT\CLSID\{02C20140-76F8-4763-83D5-B660107B7A90}
WebDialer: Settings (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\WebDialer
Windows Media Player: Client ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID=
Windows Media Player: Client ID (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID=
WinLogon: Autorun settings (Valeur du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinAuth
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\powerpup.act (DLL partagée manquante, nothing done)
powerpup.act
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\genius.act (DLL partagée manquante, nothing done)
genius.act
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\dot.act (DLL partagée manquante, nothing done)
dot.act
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\mnature.act (DLL partagée manquante, nothing done)
mnature.act
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\hoverbot.act (DLL partagée manquante, nothing done)
hoverbot.act
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\will.act (DLL partagée manquante, nothing done)
will.act
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\logo.act (DLL partagée manquante, nothing done)
logo.act
Windows Registry: \\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\Office\Acteurs\scribble.act (DLL partagée manquante, nothing done)
scribble.act
Windows Registry: C:\WINNT\System32\SYMEVNT1.DLL (DLL partagée manquante, nothing done)
SYMEVNT1.DLL
Windows Registry: C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (DLL partagée manquante, nothing done)
WinCinemaMgr.exe
Windows Registry: (Fichier d'aide manquant, nothing done)
\Software\Microsoft\Windows\CurrentVersion\App Paths\monitor.exe
Windows Registry: vbabdr8.aw (Fichier d'aide manquant, nothing done)
C:\Program Files\Microsoft Office\Office
Windows Registry: xltmplt8.hlp (Fichier d'aide manquant, nothing done)
C:\Program Files\Microsoft Office\Office
Windows Registry: reseau8.txt (Fichier d'aide manquant, nothing done)
C:\Program Files\Microsoft Office\Office\Install
Windows Registry: WinAuth (Le fichier de démarrage n'existe pas, nothing done)
Windows Registry: 000StTHK (Le fichier de démarrage n'existe pas, nothing done)
Windows Registry: winnt32.exe (Localisation erronée, nothing done)
Windows Registry: WFCMGR32.EXE (Localisation erronée, nothing done)
C:\Program Files\Citrix\Client ICA\WFCMGR32.EXE
Windows Registry: setup.exe (Localisation erronée, nothing done)
Windows Registry: table30.exe (Localisation erronée, nothing done)
Windows Registry: monitor.exe (Localisation erronée, nothing done)
\Software\Microsoft\Windows\CurrentVersion\App Paths\monitor.exe
Windows Registry: install.exe (Localisation erronée, nothing done)
Windows Registry: BIBLISE.EXE (Localisation erronée, nothing done)
\\FGRSRV_LOG\LOG_BUR\MICROS~1\OFFICE~1\aamsstp\app\biblise.exe
Adobe Acrobat Reader 5: Recent file #1 (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c1
Adobe Acrobat Reader 5: Recent file #2 (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c2
Adobe Acrobat Reader 5: Recent file #3 (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Adobe\Acrobat Reader\5.0\AVGeneral\cRecentFiles\c3
Common Dialogs: History ( (70 files)) (Clé du registre, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Internet Explorer: AutoComplete data ( (3 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Internet Explorer\IntelliForms\SPW
Internet Explorer: Cookies ( (12 cookies)) (Répertoire, nothing done)
C:\Documents and Settings\install\Cookies
Internet Explorer: Download directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Internet Explorer\Download Directory=
Internet Explorer: Last used directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Internet Explorer\Main\Save Directory=
Internet Explorer: Temporary internet files ( (689 entries)) (Vider le cache, nothing done)
Internet Explorer: URL history #1 ( (5 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: User agent (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent=Mozilla/4.0 (compatible; MSIE; Win32)
Internet Explorer: User agent (Modification du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent=Mozilla/4.0 (compatible; MSIE; Win32)
Log: Activity: COM+.log (Sauver le fichier, nothing done)
C:\WINNT\COM+.log
Log: Activity: imsins.log (Sauver le fichier, nothing done)
C:\WINNT\imsins.log
Log: Activity: mmdet.log (Sauver le fichier, nothing done)
C:\WINNT\mmdet.log
Log: Activity: ModemDet.txt (Sauver le fichier, nothing done)
C:\WINNT\ModemDet.txt
Log: Activity: ntbtlog.txt (Sauver le fichier, nothing done)
C:\WINNT\ntbtlog.txt
Log: Activity: OEWABLog.txt (Sauver le fichier, nothing done)
C:\WINNT\OEWABLog.txt
Log: Activity: SchedLgU.Txt (Sauver le fichier, nothing done)
C:\WINNT\SchedLgU.Txt
Log: Install: Active Setup Log.txt (Sauver le fichier, nothing done)
C:\WINNT\Active Setup Log.txt
Log: Install: comsetup.log (Sauver le fichier, nothing done)
C:\WINNT\comsetup.log
Log: Install: Directx.log (Sauver le fichier, nothing done)
C:\WINNT\Directx.log
Log: Install: DtcInstall.log (Sauver le fichier, nothing done)
C:\WINNT\DtcInstall.log
Log: Install: iis5.log (Sauver le fichier, nothing done)
C:\WINNT\iis5.log
Log: Install: ocgen.log (Sauver le fichier, nothing done)
C:\WINNT\ocgen.log
Log: Install: ockodak.log (Sauver le fichier, nothing done)
C:\WINNT\ockodak.log
Log: Install: setupact.log (Sauver le fichier, nothing done)
C:\WINNT\setupact.log
Log: Install: setupapi.log (Sauver le fichier, nothing done)
C:\WINNT\setupapi.log
Log: Install: setuperr.log (Sauver le fichier, nothing done)
C:\WINNT\setuperr.log
Log: Install: setuplog.txt (Sauver le fichier, nothing done)
C:\WINNT\setuplog.txt
Log: Install: svcpack.log (Sauver le fichier, nothing done)
C:\WINNT\svcpack.log
Log: Install: wmsetup.log (Sauver le fichier, nothing done)
C:\WINNT\wmsetup.log
Log: Shutdown: System32\wbem\logs\mofcomp.log (Sauver le fichier, nothing done)
C:\WINNT\System32\wbem\logs\mofcomp.log
Log: Shutdown: System32\wbem\logs\wbemcore.log (Sauver le fichier, nothing done)
C:\WINNT\System32\wbem\logs\wbemcore.log
Log: Shutdown: System32\wbem\logs\wbemess.log (Sauver le fichier, nothing done)
C:\WINNT\System32\wbem\logs\wbemess.log
Log: Shutdown: System32\wbem\logs\wbemsnmp.log (Sauver le fichier, nothing done)
C:\WINNT\System32\wbem\logs\wbemsnmp.log
Log: Shutdown: System32\wbem\logs\winmgmt.log (Sauver le fichier, nothing done)
C:\WINNT\System32\wbem\logs\winmgmt.log
Log: Shutdown: System32\wbem\logs\wmiadap.log (Sauver le fichier, nothing done)
C:\WINNT\System32\wbem\logs\wmiadap.log
Log: Shutdown: System32\wbem\logs\wmiprov.log (Sauver le fichier, nothing done)
C:\WINNT\System32\wbem\logs\wmiprov.log
MS DirectDraw: Most recent application (Modification du registre, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name=
MS DirectInput: Most recent application (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name=
MS DirectInput: Most recent application ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id=
MS Imaging: Recent file list ( (2 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Kodak\Imaging\Recent File List
MS Media Player: Application data file ( ()) (Fichier, nothing done)
C:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\wmplibrary_v_0_12.db
MS Media Player: Application data file ( ()) (Fichier, nothing done)
C:\Documents and Settings\install\Application Data\Microsoft\Media Player\ActivePlaylist.dat
MS Media Player: Last opened playlist (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist
MS Media Player: Recent file list ( (7 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\MediaPlayer\Player\RecentFileList
MS Media Player: Recent open directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir=
MS Office 8.0 (Excel): Recent file list ( (9 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Office\8.0\Excel\Recent File List
MS Photo Editor: Recently used file #1 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastFile1
MS Photo Editor: Recently used file #2 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastFile2
MS Photo Editor: Recently used file #3 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastFile3
MS Photo Editor: Recently used file #4 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastFile4
MS Photo Editor: Recently used file type #1 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastType1
MS Photo Editor: Recently used file type #2 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastType2
MS Photo Editor: Recently used file type #3 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastType3
MS Photo Editor: Recently used file type #4 (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Photo Editor\3.0\Microsoft Photo Editor\LastType4
MS Regedit: Recent open key (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey=
Windows Explorer: File search history ( (9 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU
Windows Explorer: Last visited history ( (9 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU
Windows Explorer: Recent file global history (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recent file global history (Clé du registre, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: Recently opened files ( (101 links)) (Répertoire, nothing done)
C:\Documents and Settings\install\Recent
Windows Explorer: Stream history ( (200 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: Text in files search history ( (5 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\ContainingTextMRU
Windows Explorer: User Assistant history files ( (246 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: User Assistant history IE ( (61 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Media SDK: Computer name (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName=ComputerName
Windows Media SDK: Unique ID (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID={00000000-0000-0000-0000-000000000000}
Windows Media SDK: Volume serial number (Valeur du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows.OpenWith: Open with list - .ACE extension ( (2 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ACE\OpenWithList
Windows.OpenWith: Open with list - .AVI extension ( (2 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows.OpenWith: Open with list - .CSV extension ( (3 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
WinZip: Add files directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Nico Mak Computing\WinZip\directories\gzAddDir=
WinZip: Default directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Nico Mak Computing\WinZip\directories\zDefDir=
WinZip: Default directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Nico Mak Computing\WinZip\directories\DefDir=
WinZip: Destination directory (Modification du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Nico Mak Computing\WinZip\directories\gzExtractTo=
WinZip: Recent created file list ( (12 files)) (Clé du registre, nothing done)
HKEY_USERS\S-1-5-21-158733101-1845652611-1145446523-1001\Software\Nico Mak Computing\WinZip\filemenu
--- Spybot-S&D version: 1.2 ---
2003-11-05 Includes\Cookies.sbi
2003-10-27 Includes\Dialer.sbi
2003-12-17 Includes\Hijackers.sbi
2003-11-11 Includes\Keyloggers.sbi
2003-12-17 Includes\Malware.sbi
2003-03-16 Includes\plugin-ignore.ini
2003-11-05 Includes\Security.sbi
2003-12-17 Includes\Spybots.sbi
2003-03-16 Includes\Temporary.sbi
2003-11-27 Includes\Tracks.uti
2003-12-10 Includes\Trojans.sbi | |
| stin07bis$2004001 stin07bis
20/01 :: 22:23
Membre inscrit
| | salut, ton spybot est ben à jour??? parce que spybot repere le DSO que j'ai vu plus haut!! sinon le reste je m'aventure pas! je laisse cela aux admin!! salut | |
| melissa$ melissa
20/01 :: 22:32
Anonyme
| | J'ai finalement réussi avec Hijack this, peutêtre nous en apprendra t-il plus.
Merci encore pour les réponses ça fait du bien au moral et je sens que le bout du tunnel n'est pas loin.
Logfile of HijackThis v1.97.7
Scan saved at 23:23:13, on 20/01/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\CTSVCCDA.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\LANguard File Integrity Checker\CFService.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\SYSTEM32\THOTKEY.EXE
C:\Program Files\TOSHIBA\EMT3\Tmesbs3.exe
C:\Program Files\TOSHIBA\EMT3\Tmesrv3.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\WINNT\System32\TFNF5.exe
C:\WINNT\System32\TPWRTRAY.EXE
C:\Program Files\GMSoft\Dialers\Hot_nl\Hot_nl.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\Program Files\Fichiers communs\RTE\RTEGPRS.exe
C:\WINNT\System32\internat.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\GilSoftware\Web Multi Forfait\WMForfait.exe
C:\WINNT\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://super-spider.com/greg/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://super-spider.com/greg/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://super-spider.com/greg/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://super-spider.com/greg/hp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://super-spider.com/greg/sp.php
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://aifind.inf/?id=54
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = ,
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = ,
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = ,
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = ,
O2 - BHO: (no name) - {06849E9F-C 7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\EMT3\TMESRV3.EXE /Logon
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\EMT3\TMESBS3.EXE /logon
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [WinAuth] C:\WINNT\winlogon.exe
O4 - HKLM\..\Run: [Hot_nl] C:\Program Files\GMSoft\Dialers\Hot_nl\Hot_nl.exe /dontdial
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\RTE\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [QUOFBNAL] C:\WINNT\NQAERBP.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: WMForfait.lnk = C:\Program Files\GilSoftware\Web Multi Forfait\WMForfait.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9BF77229-35D7-42CC-C9-6999AFD99B38}: NameServer = 193.252.19.3,193.252.19.4
| |
| stin07bis$2004001 stin07bis
20/01 :: 22:41
Membre inscrit
| | c'est ben vre ca!!! t'a que quelques trucs a liquidés!! bonne chance , salut | |
Forum en lecture seule
|
|
