FichierC:\WINDOWS\system32\spads.dll manquant
Résolu/Fermé
perrine86
Messages postés
11
Date d'inscription
mardi 13 février 2007
Statut
Membre
Dernière intervention
18 janvier 2011
-
25 août 2009 à 10:49
Utilisateur anonyme - 25 août 2009 à 18:57
Utilisateur anonyme - 25 août 2009 à 18:57
9 réponses
Utilisateur anonyme
25 août 2009 à 18:57
25 août 2009 à 18:57
RE
Ce n'est pas tout a fait fini.
*Supprimes RSIT et HijackThis sur le bureau, ainsi que le rapport et le dossier RSIT qui se trouve dans F:\.
*Fais un nettoyage avec CCleaner
-Tu le lances, clic sur Analyser, une fois fini sur Lancer le nettoyage,
-Clic sur Registre, chercher des erreurs, une fois fini, clic sur Reparer les erreurs (toutes), fais la sauvegardes demandee. Refais ces deux operations pour qu'il ne trouve plus rien.
*Vas dans Demarrer, clic droit sur Poste de travail, Proprietes, Restauration du systeme, coches la case Desactive, Appliquer et OK. tu redemarres le PC.
*Retournes au meme endroit pour redecocher cette case, Appliquer et OK.
*Vas creer un nouveau point de restauration, dans Demarrer, tous les programmes, Accessoires, Outils systeme, restauration du systeme: http://www.ac-nancy-metz.fr/services/monxp/restauration_syst%C3%A8me_xp.htm
*Fais une Defragmentation, c'est toujours dans les outils systeme.
*Retournes sur Windows Updates et installes le SP3, uniquement cette mise a jour.
*Tu te sers un peu de ton PC et tu retournes faire la suite des mises a jour au meme endroit.
*Verifies que Firefoxe soit a jour aussi, point d'interrogation et rechercher des mises a jour.
Tu peux garder Malwarebytes et faire un control de temps en temps, il suffit de faire la mise a jour avant de s'en servir. CCleaner aussi est a garder pour un nettoyage de temps en temps aussi, pas besoin de mise a jour pour lui.
A+
Ce n'est pas tout a fait fini.
*Supprimes RSIT et HijackThis sur le bureau, ainsi que le rapport et le dossier RSIT qui se trouve dans F:\.
*Fais un nettoyage avec CCleaner
-Tu le lances, clic sur Analyser, une fois fini sur Lancer le nettoyage,
-Clic sur Registre, chercher des erreurs, une fois fini, clic sur Reparer les erreurs (toutes), fais la sauvegardes demandee. Refais ces deux operations pour qu'il ne trouve plus rien.
*Vas dans Demarrer, clic droit sur Poste de travail, Proprietes, Restauration du systeme, coches la case Desactive, Appliquer et OK. tu redemarres le PC.
*Retournes au meme endroit pour redecocher cette case, Appliquer et OK.
*Vas creer un nouveau point de restauration, dans Demarrer, tous les programmes, Accessoires, Outils systeme, restauration du systeme: http://www.ac-nancy-metz.fr/services/monxp/restauration_syst%C3%A8me_xp.htm
*Fais une Defragmentation, c'est toujours dans les outils systeme.
*Retournes sur Windows Updates et installes le SP3, uniquement cette mise a jour.
*Tu te sers un peu de ton PC et tu retournes faire la suite des mises a jour au meme endroit.
*Verifies que Firefoxe soit a jour aussi, point d'interrogation et rechercher des mises a jour.
Tu peux garder Malwarebytes et faire un control de temps en temps, il suffit de faire la mise a jour avant de s'en servir. CCleaner aussi est a garder pour un nettoyage de temps en temps aussi, pas besoin de mise a jour pour lui.
A+
Utilisateur anonyme
25 août 2009 à 11:20
25 août 2009 à 11:20
Bonjour perrine86,
Telecharges HijackThis sur le bureau.
Tu le lances, clic sur " Do a scann system and save log file ".
A la fin, le bloc notes doit s'ouvrir, tu fais un copier/coller de ce rapport ci dessous.
A+
Telecharges HijackThis sur le bureau.
Tu le lances, clic sur " Do a scann system and save log file ".
A la fin, le bloc notes doit s'ouvrir, tu fais un copier/coller de ce rapport ci dessous.
A+
perrine86
Messages postés
11
Date d'inscription
mardi 13 février 2007
Statut
Membre
Dernière intervention
18 janvier 2011
2
25 août 2009 à 11:31
25 août 2009 à 11:31
merci beaucoup pour ta réponse !
voici le rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:15, on 25/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\FsUsbExService.Exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\ATK0100\HControl.exe
F:\Program Files\Microsoft IntelliPoint\point32.exe
F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\sm56hlpr.exe
F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
F:\Program Files\Microsoft IntelliType Pro\itype.exe
F:\Program Files\QuickTime\QTTask.exe
F:\WINDOWS\ATK0100\ATKOSD.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
F:\Documents and Settings\Propriétaire\Bureau\HiJackThis(5).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://moteur.chat-land.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: mysidesearch search enhancer - {6C6CF3D4-5786-0504-994C-2D93EB7CEF20} - F:\WINDOWS\system32\uyqdojijrhmmu.dll
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - F:\WINDOWS\system32\nsd8D.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: dcads - {b4e76d80-9458-3759-3369-9b064f9e3d18} - F:\WINDOWS\system32\ca012092-cf84-add8-66e5-58c85b153874.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [HControl] F:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "F:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [SynTPEnh] F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Trickler] "f:\documents and settings\propriétaire\local settings\temp\gain_trickler_3202.exe"
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [spa_start] F:\WINDOWS\System32\Rundll32.exe "F:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [itype] "F:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LaunchList] F:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = F:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - F:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - F:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Pml Driver HPZ12 - HP - F:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
voici le rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:15, on 25/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\FsUsbExService.Exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\ATK0100\HControl.exe
F:\Program Files\Microsoft IntelliPoint\point32.exe
F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\sm56hlpr.exe
F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
F:\Program Files\Microsoft IntelliType Pro\itype.exe
F:\Program Files\QuickTime\QTTask.exe
F:\WINDOWS\ATK0100\ATKOSD.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
F:\Documents and Settings\Propriétaire\Bureau\HiJackThis(5).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://moteur.chat-land.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: mysidesearch search enhancer - {6C6CF3D4-5786-0504-994C-2D93EB7CEF20} - F:\WINDOWS\system32\uyqdojijrhmmu.dll
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - F:\WINDOWS\system32\nsd8D.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: dcads - {b4e76d80-9458-3759-3369-9b064f9e3d18} - F:\WINDOWS\system32\ca012092-cf84-add8-66e5-58c85b153874.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [HControl] F:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "F:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [SynTPEnh] F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Trickler] "f:\documents and settings\propriétaire\local settings\temp\gain_trickler_3202.exe"
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [spa_start] F:\WINDOWS\System32\Rundll32.exe "F:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [itype] "F:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LaunchList] F:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = F:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - F:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - F:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Pml Driver HPZ12 - HP - F:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Utilisateur anonyme
25 août 2009 à 11:41
25 août 2009 à 11:41
RE
Telecharges Malwarebytes
Tu le lances, fais la mise a jour et une recherche rapide.
A la fin, clic sur Afficher les resultats, regardes que tout soit coche, clic sur Supprimer la selection.
Redemarres si c'est demande.
Postes moi le rapport qui se trouve dans l'onglet Rapport/log
A+
Telecharges Malwarebytes
Tu le lances, fais la mise a jour et une recherche rapide.
A la fin, clic sur Afficher les resultats, regardes que tout soit coche, clic sur Supprimer la selection.
Redemarres si c'est demande.
Postes moi le rapport qui se trouve dans l'onglet Rapport/log
A+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
perrine86
Messages postés
11
Date d'inscription
mardi 13 février 2007
Statut
Membre
Dernière intervention
18 janvier 2011
2
25 août 2009 à 12:27
25 août 2009 à 12:27
voici le rapport !
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2693
Windows 5.1.2600 Service Pack 2
25/08/2009 12:09:47
mbam-log-2009-08-25 (12-09-47).txt
Type de recherche: Examen rapide
Eléments examinés: 111767
Temps écoulé: 16 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 27
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 32
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
F:\Program Files\Mozilla Firefox\components\nsBrowserCmp.dll (Adware.AdRotator) -> Delete on reboot.
F:\Program Files\Mozilla Firefox\components\nsdcads.dll (Adware.AdRotator) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\dc_ads.ads (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e94c3af8-d32c-4389-ac9a-be17471edc42} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63eadaa3-1cea-43e0-a7dd-eb46dba8a47e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{733716e1-76d2-4003-ac39-845281c0ef85} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{733716e1-76d2-4003-ac39-845281c0ef85} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{733716e1-76d2-4003-ac39-845281c0ef85} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dc_ads.ads.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp.1 (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fc3c36d-7635-4d43-ba62-0d9d2f2cd06e} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\superiorads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0f871e6a-cdea-dfb7-71a2-d0b6af581a7a} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cont_dcads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcadssearchassistant (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcadssocial (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.dll (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AdvRemoteDbg (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c6cf3d4-5786-0504-994c-2d93eb7cef20} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6c6cf3d4-5786-0504-994c-2d93eb7cef20} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b4e76d80-9458-3759-3369-9b064f9e3d18} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b4e76d80-9458-3759-3369-9b064f9e3d18} (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spa_start (Adware.BHO) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
F:\WINDOWS\system32\nsd8D.dll (Trojan.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\uyqdojijrhmmu.dll-uninst.exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\superiorads-uninst.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\u_uyqdojijrhmmu.dll.exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 7 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 8 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 9 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 1 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 10 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 2 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 3 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 4 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 5 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 6 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\tmp48AD.tmp (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CVAHGBAJ\expl[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CZUTK12T\setup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CZUTK12T\setup[3].exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\KTGV03YH\expl[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QZ89I5QL\setup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Application Data\urlredir.cfg (Adware.RightOnAds) -> Quarantined and deleted successfully.
F:\Program Files\Mozilla Firefox\components\94ae3fc2-f8bb-e6a8-9d57-c5912e9da7ec.dll (Adware.Yoog) -> Quarantined and deleted successfully.
F:\Program Files\Mozilla Firefox\components\nsBrowserCmp.dll (Adware.AdRotator) -> Delete on reboot.
F:\Program Files\Mozilla Firefox\components\nsBrowserDc.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\Program Files\Mozilla Firefox\components\nsdcads.dll (Adware.AdRotator) -> Delete on reboot.
F:\WINDOWS\system32\cont_dcads-remove.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\dcads-remove.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\dcads_sidebar_uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\DcadsSocial-Uninstall.exe (Adware.RightOnAds) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\uyqdojijrhmmu.dll (Adware.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\ca012092-cf84-add8-66e5-58c85b153874.dll (Trojan.BHO) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2693
Windows 5.1.2600 Service Pack 2
25/08/2009 12:09:47
mbam-log-2009-08-25 (12-09-47).txt
Type de recherche: Examen rapide
Eléments examinés: 111767
Temps écoulé: 16 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 27
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 32
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
F:\Program Files\Mozilla Firefox\components\nsBrowserCmp.dll (Adware.AdRotator) -> Delete on reboot.
F:\Program Files\Mozilla Firefox\components\nsdcads.dll (Adware.AdRotator) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\dc_ads.ads (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e94c3af8-d32c-4389-ac9a-be17471edc42} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63eadaa3-1cea-43e0-a7dd-eb46dba8a47e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{733716e1-76d2-4003-ac39-845281c0ef85} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{733716e1-76d2-4003-ac39-845281c0ef85} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{733716e1-76d2-4003-ac39-845281c0ef85} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\dc_ads.ads.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp.1 (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fc3c36d-7635-4d43-ba62-0d9d2f2cd06e} (Adware.Fotomoto) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\superiorads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0f871e6a-cdea-dfb7-71a2-d0b6af581a7a} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cont_dcads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcadssearchassistant (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcadssocial (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.dll (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AdvRemoteDbg (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c6cf3d4-5786-0504-994c-2d93eb7cef20} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6c6cf3d4-5786-0504-994c-2d93eb7cef20} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b4e76d80-9458-3759-3369-9b064f9e3d18} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b4e76d80-9458-3759-3369-9b064f9e3d18} (Trojan.BHO) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spa_start (Adware.BHO) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
F:\WINDOWS\system32\nsd8D.dll (Trojan.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\uyqdojijrhmmu.dll-uninst.exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\superiorads-uninst.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\u_uyqdojijrhmmu.dll.exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 7 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 8 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 9 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 1 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 10 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 2 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 3 (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 4 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 5 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\Antiphishing Component Update 6 (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temp\tmp48AD.tmp (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CVAHGBAJ\expl[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CZUTK12T\setup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\CZUTK12T\setup[3].exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\KTGV03YH\expl[1].exe (Backdoor.Bot) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QZ89I5QL\setup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.
F:\Documents and Settings\Propriétaire\Application Data\urlredir.cfg (Adware.RightOnAds) -> Quarantined and deleted successfully.
F:\Program Files\Mozilla Firefox\components\94ae3fc2-f8bb-e6a8-9d57-c5912e9da7ec.dll (Adware.Yoog) -> Quarantined and deleted successfully.
F:\Program Files\Mozilla Firefox\components\nsBrowserCmp.dll (Adware.AdRotator) -> Delete on reboot.
F:\Program Files\Mozilla Firefox\components\nsBrowserDc.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\Program Files\Mozilla Firefox\components\nsdcads.dll (Adware.AdRotator) -> Delete on reboot.
F:\WINDOWS\system32\cont_dcads-remove.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\dcads-remove.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\dcads_sidebar_uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\DcadsSocial-Uninstall.exe (Adware.RightOnAds) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\uyqdojijrhmmu.dll (Adware.BHO) -> Quarantined and deleted successfully.
F:\WINDOWS\system32\ca012092-cf84-add8-66e5-58c85b153874.dll (Trojan.BHO) -> Quarantined and deleted successfully.
Utilisateur anonyme
25 août 2009 à 12:50
25 août 2009 à 12:50
RE
*Redemarres ton PC si tu ne l'as pas encore fait apres Malwarebytes.
*Télécharges Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
*Double-cliques sur RSIT.exe.
*Cliques sur Continue à l'écran Disclaimer.
*Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
*Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Postes le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
A noter: Les rapports se trouvent également ici: C:\rsit.
A+
*Redemarres ton PC si tu ne l'as pas encore fait apres Malwarebytes.
*Télécharges Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
*Double-cliques sur RSIT.exe.
*Cliques sur Continue à l'écran Disclaimer.
*Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
*Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Postes le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
A noter: Les rapports se trouvent également ici: C:\rsit.
A+
perrine86
Messages postés
11
Date d'inscription
mardi 13 février 2007
Statut
Membre
Dernière intervention
18 janvier 2011
2
25 août 2009 à 14:15
25 août 2009 à 14:15
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-08-25 14:04:25
Microsoft Windows XP Édition familiale Service Pack 2
System drive F: has 14 GB (25%) free of 56 GB
Total RAM: 1023 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:04:30, on 25/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\FsUsbExService.Exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\ATK0100\HControl.exe
F:\Program Files\Microsoft IntelliPoint\point32.exe
F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\sm56hlpr.exe
F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
F:\Program Files\Microsoft IntelliType Pro\itype.exe
F:\Program Files\QuickTime\QTTask.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\WINDOWS\ATK0100\ATKOSD.exe
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
F:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
F:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://moteur.chat-land.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [HControl] F:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "F:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [SynTPEnh] F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Trickler] "f:\documents and settings\propriétaire\local settings\temp\gain_trickler_3202.exe"
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [itype] "F:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LaunchList] F:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = F:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - F:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - F:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Pml Driver HPZ12 - HP - F:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Run by Propriétaire at 2009-08-25 14:04:25
Microsoft Windows XP Édition familiale Service Pack 2
System drive F: has 14 GB (25%) free of 56 GB
Total RAM: 1023 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:04:30, on 25/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\FsUsbExService.Exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\ATK0100\HControl.exe
F:\Program Files\Microsoft IntelliPoint\point32.exe
F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\sm56hlpr.exe
F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
F:\Program Files\Microsoft IntelliType Pro\itype.exe
F:\Program Files\QuickTime\QTTask.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\WINDOWS\ATK0100\ATKOSD.exe
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.exe
F:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
F:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
F:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
F:\Documents and Settings\Propriétaire\Bureau\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://moteur.chat-land.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: VMN Toolbar - {A057A204-BACC-4D26-8287-79A187E26987} - F:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [HControl] F:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "F:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "F:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "F:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [SynTPEnh] F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Trickler] "f:\documents and settings\propriétaire\local settings\temp\gain_trickler_3202.exe"
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] F:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [itype] "F:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LaunchList] F:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] F:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = F:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FsUsbExService - Teruten - F:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - F:\WINDOWS\system32\drivers\pclepci.sys
O23 - Service: Pml Driver HPZ12 - HP - F:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Utilisateur anonyme
25 août 2009 à 14:50
25 août 2009 à 14:50
RE
Pour toi, c'est dans F:\RSIT, ta partition principale, habituellement c'est C et je n'est pas repensé que c'etait F sur ton PC.
*Ton PC n'est pas a jour, commences par installer IE7: http://www.microsoft.com/downloads/details.aspx?FamilyID=9ae91ebe-3385-447c-8a30-081805b2f90b&DisplayLang=fr , tu l'ouvres une ou deux fois.
*Ensuite tu vas faire les mises a jours personnalisees sur Windows Updates ( Jusqu'au SP3, celle la tu ne la fait pas tout de suite)
*Vas dans le panneau de configuration, JAVA, et fais la mise a jour ( Version 6 update 15)
*Clic sur l'icone d'Adobe Reader, clic sur aide et rechercher les mises a jour, tu installes tout ce qui est propose.(version 9)
*Vas dans le panneau de configuration, Ajout et suppression de programmes, si tu vois des versions d'Adobe ou de Java plus anciennes que celles citees plus haut, tu les supprimes.
Repostes les resultats pour faire la suite.
Tu ne devrais plus avoir le message?
Comment se comporte le PC?
A+
Pour toi, c'est dans F:\RSIT, ta partition principale, habituellement c'est C et je n'est pas repensé que c'etait F sur ton PC.
*Ton PC n'est pas a jour, commences par installer IE7: http://www.microsoft.com/downloads/details.aspx?FamilyID=9ae91ebe-3385-447c-8a30-081805b2f90b&DisplayLang=fr , tu l'ouvres une ou deux fois.
*Ensuite tu vas faire les mises a jours personnalisees sur Windows Updates ( Jusqu'au SP3, celle la tu ne la fait pas tout de suite)
*Vas dans le panneau de configuration, JAVA, et fais la mise a jour ( Version 6 update 15)
*Clic sur l'icone d'Adobe Reader, clic sur aide et rechercher les mises a jour, tu installes tout ce qui est propose.(version 9)
*Vas dans le panneau de configuration, Ajout et suppression de programmes, si tu vois des versions d'Adobe ou de Java plus anciennes que celles citees plus haut, tu les supprimes.
Repostes les resultats pour faire la suite.
Tu ne devrais plus avoir le message?
Comment se comporte le PC?
A+
perrine86
Messages postés
11
Date d'inscription
mardi 13 février 2007
Statut
Membre
Dernière intervention
18 janvier 2011
2
25 août 2009 à 17:28
25 août 2009 à 17:28
c'est parfait ! je n'ai plus le message ! un grand merci pour la rapidité et surtout l'efficacité !
Perrine
Perrine
