VIRUS ON PC
Solved
jesaistjrspas (Posts: 58, Status: Member)
Hello and happy new year!!
I'm coming to you because my son's computer has been infected (Antivir updates blocked, harassment by a paid "antivirus 2009", access to only certain sites...). As far as I could manage, I was able to reactivate Antivir and unblock his browser.
Could you check this HijackThis log?
Thanks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:21:58, on 23/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe
C:\Program Files\Seekeen\seekeen.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Documents and Settings\Utilisateur\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1208587
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee0.dll
R3 - URLSearchHook: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
R3 - URLSearchHook: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee0.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\My.Freeze.com Toolbar\freeze_int.dll
O3 - Toolbar: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee0.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: My.Freeze.com Toolbar - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - C:\Program Files\My.Freeze.com Toolbar\freeze_int.dll
O3 - Toolbar: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Utilisateur\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{84DDCE1E-8168-4098-B3AF-A0D4B2E6E8BE}: NameServer = 80.10.246.1,80.10.246.132
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Seekeen Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
42 replies
Here is the OTMoveIt report
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cd36797a-70f3-4acd-8825-623d3b896881}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{cd36797a-70f3-4acd-8825-623d3b896881}\\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run not found.
========== FILES ==========
C:\Program Files\securedie moved successfully.
File/Folder c:\documents and settings\Utilisateur\Application Data\eoRezo not found.
File/Folder C:\Program Files\EoRezo not found.
File/Folder C:\WINDOWS\system32\order.txt not found.
File/Folder C:\WINDOWS\system32\results.txt not found.
========== COMMANDS ==========
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01272009_185836
and the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:58, on 27/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLITEC\Moniteur WiFi OLITEC\Moniteur WiFi OLITEC.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Seekeen\seekeen.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HJT.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee0.dll
R3 - URLSearchHook: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
R3 - URLSearchHook: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee0.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\My.Freeze.com Toolbar\freeze_int.dll
O3 - Toolbar: Peer2Peer-FR Toolbar - {b00f3d7d-ecad-4a3b-bcf7-ba5fc1fd0f8d} - C:\Program Files\Peer2Peer-FR\tbPee0.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: My.Freeze.com Toolbar - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - C:\Program Files\My.Freeze.com Toolbar\freeze_int.dll
O3 - Toolbar: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IgfxSys] rundll32.exe "C:\WINDOWS\Drivers\IgfxSys.dll",StartProtector
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{84DDCE1E-8168-4098-B3AF-A0D4B2E6E8BE}: NameServer = 80.10.246.1,80.10.246.132
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Seekeen Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Moniteur WiFi OLITEC.exe.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{84DDCE1E-8168-4098-B3AF-A0D4B2E6E8BE}: NameServer = 80.10.246.1,80.10.246.132
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Seekeen Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Quote: Otherwise, when I used Flash Desinfector, it was detected as infected by Antivir. Is that normal?
Yes, that's normal. In that case, disable Antivir for the duration of the FlashDesinfector scan.
1) Launch HijackThis and choose "Do a system scan only".
Select the following lines:
R3 - URLSearchHook: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
O2 - BHO: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
O3 - Toolbar: securedie Toolbar - {cd36797a-70f3-4acd-8825-623d3b896881} - C:\Program Files\securedie\tbsecu.dll (file missing)
Choose the "Fix checked" option at the bottom of the page.
2) Go to the VirusTotal site, where you can scan the two files.
https://www.virustotal.com/gui/
Copy each of the paths given below in turn and paste it into the scan field.
Then click on send file.
Post the scan reports (to do so, select the results area --> right-click --> copy).
Path:
C:\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe
c:\windows\system32\drivers\rhvnaq.sys
See you
Regarding the scan of "C:\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe":
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.27 BHO.Win32.OneStepSearch!IK
AhnLab-V3 5.0.0.2 2009.01.26 -
AntiVir 7.9.0.60 2009.01.27 -
Authentium 5.1.0.4 2009.01.26 -
Avast 4.8.1281.0 2009.01.27 Win32:Adware-gen
AVG 8.0.0.229 2009.01.27 -
BitDefender 7.2 2009.01.27 -
CAT-QuickHeal 10.00 2009.01.27 -
ClamAV 0.94.1 2009.01.27 -
Comodo 948 2009.01.27 -
DrWeb 4.44.0.09170 2009.01.27 -
eSafe 7.0.17.0 2009.01.27 -
eTrust-Vet 31.6.6329 2009.01.27 -
F-Prot 4.4.4.56 2009.01.26 -
F-Secure 8.0.14470.0 2009.01.27 -
Fortinet 3.117.0.0 2009.01.27 -
GData 19 2009.01.27 Win32:Adware-gen
Ikarus T3.1.1.45.0 2009.01.27 BHO.Win32.OneStepSearch
K7AntiVirus 7.10.607 2009.01.27 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.01.27 -
McAfee 5507 2009.01.26 -
McAfee+Artemis 5507 2009.01.26 -
Microsoft 1.4205 2009.01.27 BrowserModifier:Win32/OneStepSearch
NOD32 3804 2009.01.27 a variant of Win32/Adware.OneStep
Norman 5.93.01 2009.01.27 Onestep.A
nProtect 2009.1.8.0 2009.01.27 Trojan-Clicker/W32.OneStep.4608.C
Panda 9.5.1.2 2009.01.27 -
PCTools 4.4.2.0 2009.01.27 -
Prevx1 V2 2009.01.27 Cloaked Malware
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.27 Ad-Spyware.LooksLike.OneStep
Sophos 4.37.0 2009.01.27 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.27 Adware.OneStep
TheHacker 6.3.1.5.229 2009.01.26 -
TrendMicro 8.700.0.1004 2009.01.27 -
VBA32 3.12.8.11 2009.01.27 AdWare.Win32.OneStep.mb
ViRobot 2009.1.23.1577 2009.01.26 -
VirusBuster 4.5.11.0 2009.01.27 -
Information additionnelle
File size: 4608 bytes
MD5...: aad02b6cf9e72767ee77ef7a68d8d8f4
SHA1..: 3283bf9920cc5a6c833f3a29c0476352ba1dca9e
SHA256: e1a9954b4c9875010d61e86e8664af2fe8bb094474d807cdd04c047244c3edeb
SHA512: fad877441de921ffb350e9065bec9c99cc1a7b7df759aa0124ec74308f9e88dc
878d60b3ffdfacf12b606f5ec550cd45fc4f9007fb0efd9642550de9a8df6fc2
ssdeep: 48:a5nfEE/c/9WlA/jYniUWFJfiTnls85/YUGUwisiBcJPJ:VE/c/9WlA/jYzzD/
YUPwkyJ
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x496cf926 (Tue Jan 13 20:27:18 2009)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6dc 0x800 5.06 b910a1ac93cea622b69041fa1c25defa
.rdata 0x2000 0x1b4 0x200 4.12 fc1cc58abf6a45141c358d40e78c2f7b
.data 0x3000 0x3b0 0x200 2.81 d077d91fe04e2542835aa5d71ed4b42e
.rsrc 0x4000 0x10 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
( 2 imports )
> SHLWAPI.dll: StrToIntA
> KERNEL32.dll: GetFileSize, lstrcpynA, CloseHandle, CreateFileA, CreateFileMappingA, ExitProcess, FlushViewOfFile, GetCommandLineA, GetProcAddress, GetSystemTime, LoadLibraryA, MapViewOfFile, UnmapViewOfFile
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=83C7A8A800ABCBFF124B00952652F0001A3BA6C0
and for c:\windows\system32\drivers\rhvnaq.sys, I don't have that type of file.
Oops, sorry,
I hadn't noticed the last line of the report about the missing file.
I was waiting for the second report.
Double-click OTMoveIt.exe to launch it.
Copy the list quoted below and paste it into the left-hand pane of OTMoveIt under Paste Instructions for Items to be Moved.
:Processes
explorer.exe
:Services
Seekeen Service
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Seekeen]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SEEKEEN_SERVICE]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000\Control]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Seekeen Service]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Seekeen Service\Security]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Seekeen Service\Enum]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SEEKEEN_SERVICE]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000\Control]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Seekeen Service]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Seekeen Service\Security]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Seekeen Service\Enum]
:Files
C:\Documents and Settings\All Users\Application Data\Seekeen
:Commands
[emptytemp]
[Reboot]
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Your computer will restart to delete the files.
Post the report that opens after the restart.
Otherwise, it is located in C:\_OTMoveIt\MovedFiles (.log file).
See you
I'm sending you the new OTMoveIt3 report
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service Seekeen Service stopped successfully.
Service Seekeen Service deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Seekeen\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SEEKEEN_SERVICE\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000\Control\\ not found.
Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Seekeen Service\\ .
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Seekeen Service\Security\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Seekeen Service\Enum\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SEEKEEN_SERVICE\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SEEKEEN_SERVICE\0000\Control\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Seekeen Service\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Seekeen Service\Security\\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Seekeen Service\Enum\\ not found.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\Seekeen moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\etilqs_B16Bg89N1x4Ok1r9nkEQ scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_290.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT03455.TMP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT0345b.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\ngt45vzo.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\ngt45vzo.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\ngt45vzo.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\ngt45vzo.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Mozilla\Firefox\Profiles\ngt45vzo.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01292009_103327
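As an added example (not part of the thread and not OTMoveIt's own code), here is a small Python triage of the OTMoveIt3 report posted above: it sorts each line into done, not found, deferred to reboot or failed, so the one entry the tool could not remove stands out. The status names and helper functions are this example's own, and the sample lines are copied, abridged, from the report above.

```python
import re
from collections import Counter
from typing import NamedTuple

# Lines copied (abridged) from the OTMoveIt3 report posted in the thread.
SAMPLE_LOG = r"""========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service Seekeen Service stopped successfully.
Service Seekeen Service deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Seekeen\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SEEKEEN_SERVICE\\ not found.
Unable to delete registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Seekeen Service\\ .
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Seekeen Service\\ not found.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\Seekeen moved successfully.
========== COMMANDS ==========
File delete failed. C:\WINDOWS\temp\ZLT03455.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01292009_103327
"""


class Entry(NamedTuple):
    section: str   # e.g. "REGISTRY"
    status: str    # "done", "not_found", "deferred" or "failed" (names chosen for this example)
    target: str    # the process, service, key or path the line is about


SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")

# Checked in order: "File delete failed ... scheduled to be deleted on reboot"
# is a deferred deletion, so it must be tested before the generic failure rule.
STATUS_RULES = (
    ("deferred", re.compile(r"scheduled to be deleted on reboot\.$")),
    ("failed", re.compile(r"^Unable to |failed\b")),
    ("not_found", re.compile(r" not found\.$")),
    ("done", re.compile(r"(successfully|emptied)\.$")),
)

PREFIXES = ("Unable to delete registry key ", "Registry key ",
            "File delete failed. ", "Service ", "Process ")
SUFFIXES = (" scheduled to be deleted on reboot.", " not found.",
            " deleted successfully.", " stopped successfully.",
            " killed successfully.", " moved successfully.", " emptied.", " .")


def _target(line: str) -> str:
    """Strip the tool's fixed wording so only the affected object remains."""
    for prefix in PREFIXES:
        if line.startswith(prefix):
            line = line[len(prefix):]
            break
    for suffix in SUFFIXES:
        if line.endswith(suffix):
            line = line[:-len(suffix)]
            break
    # Registry lines end in a doubled backslash before the verdict.
    return line.rstrip("\\ ").strip()


def parse_report(text: str) -> list:
    """Turn the report into Entry records; lines matching no rule are skipped."""
    section, entries = "", []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        for status, rule in STATUS_RULES:
            if rule.search(line):
                entries.append(Entry(section, status, _target(line)))
                break
    return entries


def follow_up(entries: list) -> list:
    """Entries worth re-checking after the reboot: failures first, then deferred."""
    order = {"failed": 0, "deferred": 1}
    return sorted((e for e in entries if e.status in order),
                  key=lambda e: order[e.status])


def summarize(entries: list) -> Counter:
    """Count entries per (section, status) pair."""
    return Counter((e.section, e.status) for e in entries)


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_LOG)
    for (section, status), count in sorted(summarize(parsed).items()):
        print(f"{section:18} {status:10} {count}")
    for entry in follow_up(parsed):
        print(f"re-check [{entry.status}] {entry.target}")
```

"Not found" entries are harmless (the key was already absent), while a failed entry is the one to look for again in the next scan log.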
Check in Add/Remove Programs whether it appears in the list.
Uninstall it in that case.
Otherwise, I would delete it.
See you
One last check: the online scan on the NOD32 site
https://www.eset.com/
Internet Explorer only.
Install the ActiveX control (below the links bar)
then click scan to start it.
At the end of the scan, click Remove Found Threats (--> deletes the selection)
At the end, paste the report; it is located at: C:\Program Files\EsetOnlineScanner\log.txt
See you
Hello,
I can't launch IE; iexplore.exe closes with this error report:
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="iexplore.exe" FILTER="GRABMI_FILTER_PRIVACY">
<MATCHING_FILE NAME="hmmapi.dll" SIZE="38912" CHECKSUM="0x3D8DE311" BIN_FILE_VERSION="6.0.2900.5512" BIN_PRODUCT_VERSION="6.0.2900.5512" PRODUCT_VERSION="6.00.2900.5512" FILE_DESCRIPTION="Microsoft HTTP Mail Simple MAPI" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.5512 (xpsp.080413-2105)" ORIGINAL_FILENAME="HMMAPI.DLL" INTERNAL_NAME="HMMAPI" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE3EC" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.5512" UPTO_BIN_PRODUCT_VERSION="6.0.2900.5512" LINK_DATE="04/14/2008 02:31:36" UPTO_LINK_DATE="04/14/2008 02:31:36" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
<MATCHING_FILE NAME="iedw.exe" SIZE="18432" CHECKSUM="0x30FEED5F" BIN_FILE_VERSION="5.1.2600.5512" BIN_PRODUCT_VERSION="5.1.2600.5512" PRODUCT_VERSION="5.1.2600.5512" FILE_DESCRIPTION="IE Crash Detection" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.5512 (xpsp.080413-2105)" ORIGINAL_FILENAME="iedw.exe" INTERNAL_NAME="iedw.exe" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF52F" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.5512" UPTO_BIN_PRODUCT_VERSION="5.1.2600.5512" LINK_DATE="04/13/2008 18:34:47" UPTO_LINK_DATE="04/13/2008 18:34:47" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
<MATCHING_FILE NAME="iexplore.exe" SIZE="832512" CHECKSUM="0x48DC9A5" BIN_FILE_VERSION="6.0.2900.5512" BIN_PRODUCT_VERSION="6.0.2900.5512" PRODUCT_VERSION="6.00.2900.5512" FILE_DESCRIPTION="Internet Explorer" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Système d'exploitation Microsoft® Windows®" FILE_VERSION="6.00.2900.5512 (xpsp.080413-2105)" ORIGINAL_FILENAME="IEXPLORE.EXE" INTERNAL_NAME="iexplore" LEGAL_COPYRIGHT="© Microsoft Corporation. Tous droits réservés." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xD17D6" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.5512" UPTO_BIN_PRODUCT_VERSION="6.0.2900.5512" LINK_DATE="04/13/2008 18:34:13" UPTO_LINK_DATE="04/13/2008 18:34:13" VER_LANGUAGE="Français (France) [0x40c]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn.dll" SIZE="61440" CHECKSUM="0x8C20B461" BIN_FILE_VERSION="6.0.2900.5512" BIN_PRODUCT_VERSION="6.0.2900.5512" PRODUCT_VERSION="6.00.2900.5512" FILE_DESCRIPTION="Internet Connection Wizard" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="6.00.2900.5512 (xpsp.080413-2105)" ORIGINAL_FILENAME="icwconn.dll" INTERNAL_NAME="icwconn" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1949B" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.5512" UPTO_BIN_PRODUCT_VERSION="6.0.2900.5512" LINK_DATE="04/14/2008 02:31:36" UPTO_LINK_DATE="04/14/2008 02:31:36" VER_LANGUAGE="Anglais (États-Unis) [0x409]" />
<MATCHING_FILE NAME="Connection Wizard\icwconn1.exe" SIZE="218624" CHECKSUM="0x84D8B68B" BIN_FILE_VERSION="6.0.2900.5512" BIN_PRODUCT_VERSION="6.0.2900.5512" PRODUCT_VERSION="6.00.2900.5512" FILE_DESCRIPTION="Assistant Connexion Internet" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Système d'exploitation Microsoft® Windows®" FILE_VERSION="6.00.2900.5512 (xpsp.080413-2105)" ORIGINAL_FILENAME="icwconn1.exe" INTERNAL_NAME="icwconn1" LEGAL_COPYRIGHT="© Microsoft Corporation. Tous droits réservés." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x42096" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2900.5512" UPTO_BIN_PRODUCT_VERSION="6.0.2900.5512" LINK_DATE="04/13/2008 18:31:35" UPTO_LINK_DATE="04/13/2008 18:31:35" VER_LANGUAGE="Français (France) [0x40c]" />
</EXE>
</DATABASE>
I can't launch IE; iexplore.exe closes with this error report:
I see that you use Firefox and not Internet Explorer.
Install this version of IE anyway (7 or 8) and check whether you still have this problem when opening the browser.
IE8: http://www.commentcamarche.net/telecharger/telecharger 34058667 internet explorer 8
IE7: http://www.commentcamarche.net/telecharger/telecharger 220 internet explorer
Otherwise, run the following online scan (with Firefox):
https://forum.pcastuces.com/kaspersky_online_scanner___firefox___tutoriel-f31s26.htm
See you
Here is the Kaspersky report:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, February 9, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, February 08, 2009 20:36:40
Records in database: 1770445
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
Scan statistics:
Files scanned: 52085
Threat name: 5
Infected objects: 7
Suspicious objects: 0
Duration of the scan: 02:23:11
File name / Threat name / Threats count
C:\WINDOWS\Drivers\IgfxSys.dll/C:\WINDOWS\Drivers\IgfxSys.dll Infected: not-a-virus:AdWare.Win32.Agent.kdo 1
C:\Documents and Settings\Utilisateur\Bureau\Crack\no cd command § conquer genera.zip Infected: not-a-virus:AdWare.Win32.Agent.dva 1
C:\System Volume Information\_restore{E97C0404-D396-4FE4-9567-8ED2CC4ABB40}\RP5\A0000461.dll Infected: not-a-virus:AdWare.Win32.OneStep.sv 1
C:\System Volume Information\_restore{E97C0404-D396-4FE4-9567-8ED2CC4ABB40}\RP5\A0000462.exe Infected: not-a-virus:AdWare.Win32.OneStep.atl 1
C:\WINDOWS\Drivers\IgfxSys.dll Infected: not-a-virus:AdWare.Win32.Agent.kdo 1
C:\WINDOWS\Drivers\phuninst.dll Infected: not-a-virus:AdWare.Win32.Agent.kdp 1
C:\_OTMoveIt\MovedFiles\01292009_103327\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe Infected: not-a-virus:AdWare.Win32.OneStep.atl 1
The selected area was scanned.
There are cracks on your PC, and some of them are infected.
Delete them if you don't want a nasty surprise later on.
1) Double-click OTMoveIt.exe to launch it.
Copy the list quoted below and paste it into the left-hand pane of OTMoveIt, under Paste Instructions for Items to be Moved.
:Files
C:\WINDOWS\Drivers\IgfxSys.dll
C:\Documents and Settings\Utilisateur\Bureau\Crack\no cd command § conquer genera.zip
C:\WINDOWS\Drivers\phuninst.dll
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report (.log file) located in C:\_OTMoveIt\MovedFiles.
Your computer may restart in order to delete the files.
2) Have you installed IE7 (not IE8 --> Vista)?
See you.
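The selection made in the reply above, as an added example that is not part of the original thread: it parses the rows of the Kaspersky report, drops duplicates, and keeps only the files still live on disk for the `:Files` list. The function names are hypothetical, and the bucket rules (restore-point copies and files already under C:\_OTMoveIt\MovedFiles are left out, `/` separates a container from the object inside it) are assumptions chosen because they reproduce the posted list.

```python
import re

# Rows copied from the "File name / Threat name / Threats count" table on this page.
REPORT = r"""
C:\WINDOWS\Drivers\IgfxSys.dll/C:\WINDOWS\Drivers\IgfxSys.dll Infected: not-a-virus:AdWare.Win32.Agent.kdo 1
C:\Documents and Settings\Utilisateur\Bureau\Crack\no cd command § conquer genera.zip Infected: not-a-virus:AdWare.Win32.Agent.dva 1
C:\System Volume Information\_restore{E97C0404-D396-4FE4-9567-8ED2CC4ABB40}\RP5\A0000461.dll Infected: not-a-virus:AdWare.Win32.OneStep.sv 1
C:\System Volume Information\_restore{E97C0404-D396-4FE4-9567-8ED2CC4ABB40}\RP5\A0000462.exe Infected: not-a-virus:AdWare.Win32.OneStep.atl 1
C:\WINDOWS\Drivers\IgfxSys.dll Infected: not-a-virus:AdWare.Win32.Agent.kdo 1
C:\WINDOWS\Drivers\phuninst.dll Infected: not-a-virus:AdWare.Win32.Agent.kdp 1
C:\_OTMoveIt\MovedFiles\01292009_103327\Documents and Settings\All Users\Application Data\Seekeen\seekeen140.exe Infected: not-a-virus:AdWare.Win32.OneStep.atl 1
"""

# "<object> Infected: <threat name> <count>"; the object path may contain spaces.
ROW = re.compile(r"^(?P<obj>.+?) Infected: (?P<threat>\S+) (?P<count>\d+)$")

def parse_rows(report):
    """Return (file_path, threat_name) for every detection row."""
    rows = []
    for line in report.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # blank line or non-detection text
        # Assumption: "outer/inner" names an object inside a container file;
        # Windows paths cannot contain "/", so the part before it is the file on disk.
        path = m.group("obj").split("/", 1)[0]
        rows.append((path, m.group("threat")))
    return rows

def classify(path):
    """Bucket a detection by where the file lives (assumed rules, see lead-in)."""
    low = path.lower()
    if "\\system volume information\\_restore{" in low:
        return "restore-point"   # copy kept inside a System Restore point
    if low.startswith("c:\\_otmoveit\\movedfiles\\"):
        return "quarantine"      # already moved by an earlier OTMoveIt run
    return "live"

def triage(report):
    """Group unique paths per bucket, keeping report order."""
    buckets = {"live": [], "restore-point": [], "quarantine": []}
    for path, _threat in parse_rows(report):
        bucket = buckets[classify(path)]
        if path not in bucket:   # the report lists IgfxSys.dll twice
            bucket.append(path)
    return buckets

def moveit_instructions(report):
    """Build the ':Files' block for the live detections only."""
    return "\n".join([":Files"] + triage(report)["live"])
```
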
Here is the OTMoveIt3 log
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\Drivers\IgfxSys.dll
C:\WINDOWS\Drivers\IgfxSys.dll NOT unregistered.
C:\WINDOWS\Drivers\IgfxSys.dll moved successfully.
C:\Documents and Settings\Utilisateur\Bureau\Crack\no cd command § conquer genera.zip moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\Drivers\phuninst.dll
C:\WINDOWS\Drivers\phuninst.dll NOT unregistered.
C:\WINDOWS\Drivers\phuninst.dll moved successfully.
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02092009_184321
I have installed IE7, it seems to work, so I am going to run a NOD32 scan
Thanks
See you.
I just tried the NOD32 link, then it "crashed" again: IE7 closed with an error report. So IE7 does not work. Windows Update updates are therefore impossible.
As for the online scan, since you have done the Kaspersky one, there is no need to do the NOD32 one.
For the Windows updates, try this program:
Download Zeb Restore to your desktop.
http://telechargement.zebulon.fr/zeb-restore.html
Right-click the ZebRestore.zip file, then choose Extract All.
A folder named Zebrestore will be created. Open it.
Double-click Zeb-Restore.exe. A window opens.
Select only "Windows Update", then click Restore (Restaurer).
Then try to run those Windows updates.
See you.
I followed your procedure, but it is still the same problem: "IE7 crash", Windows Update closes, then an error report....
When you tell me you are doing the Windows updates, that is using IE.
Otherwise, going through the Control Panel and Windows Update, do you have no problem doing the updates?
If so, do those updates.
I don't think this comes from a virus problem.
You can try doing a repair with your Windows CD.
See you.