
Web pages constantly opening on their own


Hi,
I have pages that keep opening on their own. They are security-alert pages offering to scan my PC, then lots of little ads with emoticons and various other ad pages.

I ran a scan with HijackThis.
I'm posting the report.
What should I do next to fix my problem?
Thanks in advance

Logfile of HijackThis v1.99.1
Scan saved at 10:45:32, on 23/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
C:\Program Files\Creative\SBLive2k\Program\CTAvTray.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Creative\SBLive2k\AudioHQ\ahqrun.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Slim Multimedia Keyboard\MagicKey.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Slim Multimedia Keyboard\OSD.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AutoEA] C:\Program Files\Creative\SBLive2k\AudioHQ\ahqrun.exe "C:\Program Files\Creative\SBLive2k\AudioHQ\AHQ\CTAutoEA.ahq" 0
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Slim Multimedia Keyboard.lnk = C:\Program Files\Slim Multimedia Keyboard\MagicKey.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka … nicode.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan … asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D05330E-50A0-44FA-8D70-B753314AE68A}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: H323TSP - C:\WINDOWS\system32\o8pqli7518.dll
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe

Hello

Please print these instructions, or paste them into a text file, so you can read them during this fix. Read the three short notes at the bottom carefully before starting.
Download Look2Me-Destroyer.exe to your Desktop.
http://www.atribune.org/ccount/click.php?id=7

* Close all open windows before moving on to the next step.
* Double-click Look2Me-Destroyer.exe to launch the tool.
* Check Run this program as a task
* A message will appear, telling you this: "Look2Me-Destroyer will close and re-open in approximately 10 seconds". Click OK
* It will relaunch after the 10 seconds; then click the Scan for L2M button; the icons on your Desktop will disappear: this is normal.
* When the scan finishes, click the Remove L2M button
* A Done Scanning message will appear; click OK.
* A new message will appear: Done removing infected files! Look2Me-Destroyer will now shutdown your computer; click OK.
* Your PC will now shut down.
* Start your PC normally.
* Paste the generated report, located here: C:\Look2Me-Destroyer.txt , along with a new HijackThis! report in your next reply.

#If Look2Me-Destroyer does not relaunch automatically after the 10 seconds, reboot and try again.

##If you get a message from your firewall that the tool is trying to access the internet: accept.

###If a runtime error '339' message appears: download MSWINSCK.OCX from the link below, and place it in the C:\Windows\System32 folder.
http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX

Here is the Look2Me-Destroyer report


Look2Me-Destroyer V1.0.11

Scanning for infected files.....
Scan started at 24/03/2006 13:27:20

Infected! C:\WINDOWS\system32\o8pqli7518.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0006458.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0006468.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0007483.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0007494.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP21\A0007578.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP21\A0007579.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP22\A0007618.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP22\A0007633.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP23\A0007781.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP25\A0007818.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP26\A0007851.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP26\A0007855.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP27\A0007900.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP29\A0007983.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP30\A0008038.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP32\A0008086.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP33\A0008153.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP33\A0008183.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP35\A0008210.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP35\A0008212.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP36\A0008260.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP37\A0011081.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP37\A0011203.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP42\A0011361.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP44\A0011477.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP53\A0011747.dll
Infected! C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP54\A0012003.dll
Infected! C:\WINDOWS\system32\e8200ifme82a0.dll
Infected! C:\WINDOWS\system32\gpj0l31m1.dll
Infected! C:\WINDOWS\system32\i6nm0g51e6.dll
Infected! C:\WINDOWS\system32\mvn8l95u1.dll
Infected! C:\WINDOWS\system32\o8pqli7518.dll
Infected! C:\WINDOWS\system32\qLsf.dll

Attempting to delete infected files...

Attempting to delete: C:\WINDOWS\system32\o8pqli7518.dll
C:\WINDOWS\system32\o8pqli7518.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0006458.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0006458.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0006468.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0006468.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0007483.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0007483.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0007494.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP20\A0007494.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP21\A0007578.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP21\A0007578.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP21\A0007579.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP21\A0007579.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP22\A0007618.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP22\A0007618.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP22\A0007633.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP22\A0007633.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP23\A0007781.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP23\A0007781.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP25\A0007818.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP25\A0007818.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP26\A0007851.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP26\A0007851.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP26\A0007855.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP26\A0007855.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP27\A0007900.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP27\A0007900.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP29\A0007983.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP29\A0007983.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP30\A0008038.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP30\A0008038.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP32\A0008086.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP32\A0008086.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP33\A0008153.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP33\A0008153.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP33\A0008183.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP33\A0008183.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP35\A0008210.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP35\A0008210.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP35\A0008212.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP35\A0008212.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP36\A0008260.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP36\A0008260.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP37\A0011081.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP37\A0011081.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP37\A0011203.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP37\A0011203.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP42\A0011361.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP42\A0011361.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP44\A0011477.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP44\A0011477.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP53\A0011747.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP53\A0011747.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP54\A0012003.dll
C:\System Volume Information\_restore{D1BBD2C0-ABF0-445A-A2A6-1177BB47930B}\RP54\A0012003.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\e8200ifme82a0.dll
C:\WINDOWS\system32\e8200ifme82a0.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\gpj0l31m1.dll
C:\WINDOWS\system32\gpj0l31m1.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\i6nm0g51e6.dll
C:\WINDOWS\system32\i6nm0g51e6.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\mvn8l95u1.dll
C:\WINDOWS\system32\mvn8l95u1.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\o8pqli7518.dll
C:\WINDOWS\system32\o8pqli7518.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\qLsf.dll
C:\WINDOWS\system32\qLsf.dll Deleted successfully!

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\H323TSP

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{F73B4100-32B8-4027-9961-50E581AEB237}"
HKCR\Clsid\{F73B4100-32B8-4027-9961-50E581AEB237}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{D57E99C7-AEEC-47C4-AE1E-DBA93FEEC174}"
HKCR\Clsid\{D57E99C7-AEEC-47C4-AE1E-DBA93FEEC174}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrateurs - Succeeded

and the HijackThis one

Logfile of HijackThis v1.99.1
Scan saved at 13:33:24, on 24/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Creative\SBLive2k\AudioHQ\ahqrun.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Slim Multimedia Keyboard\MagicKey.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\Slim Multimedia Keyboard\OSD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AutoEA] C:\Program Files\Creative\SBLive2k\AudioHQ\ahqrun.exe "C:\Program Files\Creative\SBLive2k\AudioHQ\AHQ\CTAutoEA.ahq" 0
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Slim Multimedia Keyboard.lnk = C:\Program Files\Slim Multimedia Keyboard\MagicKey.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {B038A6C8-441B-11D4-BD8F-000021E2C68B} (ICFViewer Control) - http://www.rapidform.com/english/icfviewer/bin/icfviewe...
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D05330E-50A0-44FA-8D70-B753314AE68A}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
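
An added example, not part of any post in this thread: a short Python script that compares a HijackThis log taken before a cleanup with one taken after, and checks each entry that disappeared against the files the Look2Me-Destroyer report lists as infected. The three embedded samples are short excerpts copied from the logs above; the function names are illustrative.

```python
import re

# Excerpts copied from the logs posted in this thread (not the full reports).
HJT_BEFORE = r"""Logfile of HijackThis v1.99.1
Scan saved at 10:45:32, on 23/03/2006
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: H323TSP - C:\WINDOWS\system32\o8pqli7518.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

HJT_AFTER = r"""Logfile of HijackThis v1.99.1
Scan saved at 13:33:24, on 24/03/2006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

L2M_REPORT = r"""Look2Me-Destroyer V1.0.11
Infected! C:\WINDOWS\system32\o8pqli7518.dll
Infected! C:\WINDOWS\system32\qLsf.dll
C:\WINDOWS\system32\o8pqli7518.dll Deleted successfully!
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\H323TSP
"""

# A HijackThis entry line is "<section code> - <body>", e.g. "O20 - Winlogon Notify: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
INFECTED_RE = re.compile(r"^Infected! (.+)$")


def parse_entries(log_text):
    """Return the set of (section code, body) entries in a HijackThis log.

    Header lines and the "Running processes" paths do not match and are skipped.
    """
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.add((m.group(1), m.group(2)))
    return entries


def diff_logs(before, after):
    """Return (removed, added): entries only in the first log, entries only in the second."""
    b, a = parse_entries(before), parse_entries(after)
    return sorted(b - a), sorted(a - b)


def infected_paths(report_text):
    """Lower-cased file paths the cleanup report marks with "Infected!"."""
    paths = set()
    for line in report_text.splitlines():
        m = INFECTED_RE.match(line.strip())
        if m:
            paths.add(m.group(1).strip().lower())
    return paths


def confirmed_removals(removed, report_text):
    """Removed entries whose body names a file the cleanup report flagged as infected."""
    paths = infected_paths(report_text)
    return [e for e in removed if any(p in e[1].lower() for p in paths)]


if __name__ == "__main__":
    removed, added = diff_logs(HJT_BEFORE, HJT_AFTER)
    confirmed = confirmed_removals(removed, L2M_REPORT)
    for code, body in removed:
        note = "matches an Infected! file" if (code, body) in confirmed else "no match in report"
        print(f"- gone  {code}: {body}  [{note}]")
    for code, body in added:
        print(f"+ new   {code}: {body}  [appears only in the second log]")
```

Entries reported as new are the ones to look at first when deciding whether another cleanup pass is needed.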

Hi,

1/ Download SmitfraudFix

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Unzip it to the Desktop.

Download, install and update ewido

http://www.infos-du-net.com/telecharger/Ewido-Security-...

2/ Open the SmitfraudFix folder and run SmitfraudFix.cmd
Choose option 1 (Search)
Post the report here

3/ Reboot into safe mode

Restart the computer. After the BIOS text, press F8 (or F5 if F8 doesn't work) to reach a menu with white text on a black background.

In this menu, you should be able to choose safe mode (use the arrow keys, and Enter to confirm).

Booting into safe mode is often fairly slow. If you see strange white text, don't worry.
Just be patient.

Run SmitfraudFix again and this time choose option 2 and answer yes to every question
Save the report.

4/ Run ewido (full system scan) and delete everything it finds. Save the report to the Desktop.

5/ Reboot normally and post the 2nd SmitfraudFix report, the Ewido report and a new HJT log