Sujet Précédent Sujet Suivant

Analyse rapport hijackthis

bupbup2222 Messages postés 4 Statut Membre -  
bupbup2222 Messages postés 4 Statut Membre -
Bonjour,
Je viens d'analyser mon ordi avec hijackthis mais malheuresement je ne comprends pas grand chose donc si quelqu'un pouvait m'aider et me dire si mon ordinateur était infecté ou non ce serait gentil merci d'avance.
Voilà le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:34, on 01/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\windows\system32\zgcvbg.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ludo\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: BatBHO - {63F7460B-C831-4142-A4AA-5EC303EC4343} - C:\Program Files\Bat\Bat.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Install5G] F:\Install.exe plug_ethernet
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [zgcvbg] "c:\windows\system32\zgcvbg.exe" zgcvbg
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Bat - Auto Update.lnk = C:\Program Files\Bat\Bat.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
A voir également:

10 réponses

Réponse 1 / 10
nico987 Messages postés 783 Statut Membre 93
 
que des infections...

télécharge malwarebytes ici : http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tu l'installes, le lances et tu fais un examen complet, tu laisses tourner et tu postes le rapport dans ton prochain message
0
Réponse 2 / 10
bupbup2222 Messages postés 4 Statut Membre
 
Voilà le rapport demandé

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2729
Windows 5.1.2600 Service Pack 2

02/09/2009 16:07:15
mbam-log-2009-09-02 (16-07-03).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 201326
Temps écoulé: 5 hour(s), 30 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 45
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 13
Fichier(s) infecté(s): 68

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\bat.batbho (Adware.Batco) -> No action taken.
HKEY_CLASSES_ROOT\bat.batbho.1 (Adware.Batco) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d279bc2b-a85b-4559-8fd9-ddc55f5d402d} (Adware.Batco) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{f663b917-591f-4172-8d87-3d7d729007ca} (Adware.Batco) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63f7460b-c831-4142-a4aa-5ec303ec4343} (Adware.Batco) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{b80a3586-caa5-41c8-89bf-e617f0b6cfbf} (Adware.Batco) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15651c7c-e812-44a2-a9ac-b467a2233e7d} (Adware.123Mania) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{622cc208-b014-4fe0-801b-874a5e5e403a} (Adware.123Mania) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63f7460b-c831-4142-a4aa-5ec303ec4343} (Adware.Batco) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000250-0320-4dd4-be4f-7566d2314352} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{13197ace-6851-45c3-a7ff-c281324d5489} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e1075f4-eec4-4a86-add7-cd5f52858c31} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5dafd089-24b1-4c5e-bd42-8ca72550717b} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5fa6752a-c4a0-4222-88c2-928ae5ab4966} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8674aea0-9d3d-11d9-99dc-00600f9a01f1} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{965a592f-8efa-4250-8630-7960230792f1} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9c5b2f29-1f46-4639-a6b4-828942301d3e} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cf021f40-3e14-23a5-cba2-717765728274} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fc3a74e5-f281-4f10-ae1e-733078684f3c} (Fake.Dropped.Malware) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ffff0001-0002-101a-a3c9-08002b2f49fb} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d} (Adware.123Mania) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a} (Adware.123Mania) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63f7460b-c831-4142-a4aa-5ec303ec4343} (Adware.Batco) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c} (Fake.Dropped.Malware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb} (Fake.Dropped.Malware) -> No action taken.
HKEY_CLASSES_ROOT\AppID\bat.dll (Adware.Batco) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\BATCO (Adware.Batco) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Batco (Adware.Batco) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bat (Adware.Batco) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bat (Adware.Batco) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zgcvbg (Trojan.Agent.H) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Rabio (Adware.Rabio) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Rabio\Search Enhancer (Adware.Rabio) -> No action taken.
C:\Program Files\180search assistant (Adware.180Solutions) -> No action taken.
C:\Program Files\180searchassistant (Adware.180Solutions) -> No action taken.
C:\Program Files\180solutions (Adware.180Solutions) -> No action taken.
C:\Program Files\Montorgueil (Trojan.Dialer) -> No action taken.
C:\Program Files\Montorgueil\Sophie (Trojan.Dialer) -> No action taken.
C:\Program Files\seekmo (Adware.180Solutions) -> No action taken.
C:\Program Files\stc (Fake.Dropped.Malware) -> No action taken.
C:\Program Files\Sysmnt (Fake.Dropped.Malware) -> No action taken.
C:\Program Files\webHancer (Adware.WebHancer) -> No action taken.
C:\Program Files\webHancer\Programs (Adware.WebHancer) -> No action taken.
C:\WINDOWS\FLEOK (Fake.Dropped.Malware) -> No action taken.

Fichier(s) infecté(s):
c:\WINDOWS\system32\zgcvbg.exe (Trojan.Agent.H) -> No action taken.
C:\Documents and Settings\ludo\Local Settings\Temp\syswcc32.exe (Adware.WebHancer) -> No action taken.
C:\Documents and Settings\ludo\Local Settings\Temp\BatSetup.exe (Adware.Batco) -> No action taken.
C:\Documents and Settings\ludo\Local Settings\Temporary Internet Files\Content.IE5\N18HDPTA\Everest_Casino[1].exe (Rogue.AdorableCasino) -> No action taken.
C:\Program Files\Everest Poker\var\Everest Casino.exe (Rogue.AdorableCasino) -> No action taken.
C:\System Volume Information\_restore{930A99BD-E41C-43C7-9C19-6E5D23A34D75}\RP376\A0310749.exe (Adware.Batco) -> No action taken.
C:\Program Files\180search assistant\180sa.exe (Adware.180Solutions) -> No action taken.
C:\Program Files\180search assistant\sau.exe (Adware.180Solutions) -> No action taken.
C:\Program Files\180searchassistant\saap.exe (Adware.180Solutions) -> No action taken.
C:\Program Files\180searchassistant\sac.exe (Adware.180Solutions) -> No action taken.
C:\Program Files\180solutions\sais.exe (Adware.180Solutions) -> No action taken.
C:\Program Files\Montorgueil\14.06268 (Trojan.Dialer) -> No action taken.
C:\Program Files\Montorgueil\Sophie\Sophie.ico (Trojan.Dialer) -> No action taken.
C:\Program Files\seekmo\seekmohook.dll (Adware.180Solutions) -> No action taken.
C:\Program Files\stc\csv5p070.exe (Fake.Dropped.Malware) -> No action taken.
C:\Program Files\Sysmnt\Ssmgr.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\FLEOK\180ax.exe (Fake.Dropped.Malware) -> No action taken.
C:\Documents and Settings\ludo\Menu Démarrer\Programmes\Démarrage\Bat - Auto Update.lnk (Adware.Batco) -> No action taken.
C:\WINDOWS\system32\zgcvbg_nav.dat (Adware.NaviPromo) -> No action taken.
C:\WINDOWS\system32\zgcvbg_navps.dat (Adware.NaviPromo) -> No action taken.
C:\WINDOWS\system32\MSIXU.DLL (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\system32\MSNSA32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\system32\ntnut32.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> No action taken.
C:\WINDOWS\system32\shdocpe.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\system32\SIPSPI32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\system32\WER8274.DLL (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\system32\winfrun32.bin (Malware.Trace) -> No action taken.
C:\WINDOWS\123messenger.per (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\180ax.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\2020search.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\2020search2.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\apphelp32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\asferror32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\asycfilt32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\athprxy32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\ati2dvaa32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\ati2dvag32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\audiosrv32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\autodisc32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\avifile32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\avisynthex32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\aviwrap32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\bjam.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\bokja.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\browserad.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\cdsm32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\changeurl_30.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\default.htm (Trojan.Agent) -> No action taken.
C:\WINDOWS\didduid.ini (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\Installer\id53.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\licencia.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\msa64chk.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\msapasrc.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\mspphe.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\mssvr.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\ntnut.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\saiemod.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\salm.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\shdocpe.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\shdocpl.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\stcloader.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\swin32.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\telefonos.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\textos.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\updatetc.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\voiceip.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\winsb.dll (Fake.Dropped.Malware) -> No action taken.

Merci
0
Réponse 3 / 10
nico987 Messages postés 783 Statut Membre 93
 
vire tous ce qui est en quarentaine. Tu télécharges genproc maintenant : http://www.genproc.com/GenProc.exe

Tu le lances (double clic) et tu le laisses faire, après tu réponds oui à la question et tu me postes le rapport.
0
Réponse 4 / 10
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
Vire tous ce qui est en quarentaine.

--> No action taken.

De toutes façons, Malwarebytes ne résoudra pas le problème à lui seul

--> Navipromo par exemple, MBAM ne supprime pas les certificats, pour le reste il existe des outils adéquats

----------------------
bupbup2222,

Lance Hijackthis,
clique sur « do a system scan only », et coches les lignes suivantes :

O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file) 
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: BatBHO - {63F7460B-C831-4142-A4AA-5EC303EC4343} - C:\Program Files\Bat\Bat.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file) 
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file) 
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)


Et clique sur Fix-checked, réponds " oui " au message et referme le programme

---------------------------

Télécharge et installe ccleaner

- Durant l'installation, décoche la case proposant la barre d'outils yahoo et celle : " ajouter l'option des mises à jour"

- Une fois installé, fermes toutes les applications en cours et lance ccleaner

- clic -->>option -->> avancé et décoche " effacer les fichiers etc... plus vieux que 48h

- Sélectionne " nettoyeur " >> clic sur Analyse puis nettoyage, puis referme le..

-------------------------------

Télécharge Navilog1 sur ton bureau :

- Désactive la garde de ton Antivirus et celle de ton (es) antispyware (s)
- Lance l'installation en exécutant le fichier téléchargé
- Une fois installé, fermes tous les programmes en cours et double-cliques sur Navilog1.exe
- Choisi la langue et presse la touche " entrée " de ton clavier
- Une fenêtre s'ouvre, presse 1 touche pour passer aux etapes suivantes
- Le menu du fix s'ouvre, choisis l'option 1 et presses la touche " entrée "
- Laisses le fix travailler et patiente jusqu'au message *** Analyse terminée le***
- Un rapport c:\fixnavi.txt s'etablira, poste son contenu...

Note : tu trouveras également le rapport à C:\cleanavi.txt

--------------------------
♦ Télécharge Ad-remover ( de C_XX ) sur ton bureau :

♦ Déconnecte toi et ferme toutes applications en cours !

♦ Double-clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

♦ Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

♦ Au menu principal choisis l'option "L" et tape sur [entrée] .

♦ Laisse travailler l'outil et ne touche à rien ...

♦ Un rapport est généré, postes le stp

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )

♦ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 10
nico987 Messages postés 783 Statut Membre 93
 
j'allai le faire je voulais attendre le rapport genproc pour voir ce qu'il en été, tu veux prendre la suite Ced_king ?
0
Réponse 6 / 10
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
Salut rico, ;-)
pas de soucis pour prendre la suite mais c'était surtout pour t'informer...
0
Réponse 7 / 10
nico987 Messages postés 783 Statut Membre 93
 
oui mais je voulais faire par étape, je te laisse le sujet. =)
0
Réponse 8 / 10
bupbup2222 Messages postés 4 Statut Membre
 
voilà le rapport de ad-report

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_S | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 02/09/2009 à 3:00 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:46:15, 03/09/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: LUDOVIC | Utilisateur actuel: ludo
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
.
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Casino\Everest Casino.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Casino\Uninstall Everest Casino.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Casino
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker\Everest Poker.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker\Uninstall Everest Poker.lnk
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Everest Poker
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest.dev
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf.bak
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome\ajtoolbar.jar
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.gif
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.src
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat.bak
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\contents.rdf
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\manifest.mf
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.rsa
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.sf
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskSplash.exe
C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
C:\Program Files\AskBarDis
C:\Program Files\Everest Poker\casino.exe
C:\Program Files\Everest Poker\cstart-tmp.exe
C:\Program Files\Everest Poker\CStart.exe
C:\Program Files\Everest Poker\data
C:\Program Files\Everest Poker\Everest Poker.exe
C:\Program Files\Everest Poker\gvbase.dll
C:\Program Files\Everest Poker\gvcrt.dll
C:\Program Files\Everest Poker\gvgfx-dib.dll
C:\Program Files\Everest Poker\gvgfx.dll
C:\Program Files\Everest Poker\gvmain.dll
C:\Program Files\Everest Poker\gvmain.exe
C:\Program Files\Everest Poker\gvnetwork.dll
C:\Program Files\Everest Poker\gvsound.dll
C:\Program Files\Everest Poker\init.ini
C:\Program Files\Everest Poker\log.dat
C:\Program Files\Everest Poker\settings.ini
C:\Program Files\Everest Poker\toc_fr.ini
C:\Program Files\Everest Poker\var
C:\Program Files\Everest Poker\data\cpanel
C:\Program Files\Everest Poker\data\fonts
C:\Program Files\Everest Poker\data\mp-lobby
C:\Program Files\Everest Poker\data\mp-poker
C:\Program Files\Everest Poker\data\shared
C:\Program Files\Everest Poker\data\startup
C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf
C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt
C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background
C:\Program Files\Everest Poker\data\mp-poker\fr
C:\Program Files\Everest Poker\data\mp-poker\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt
C:\Program Files\Everest Poker\data\shared\fr
C:\Program Files\Everest Poker\data\shared\shared
C:\Program Files\Everest Poker\data\shared\fr\country.txt
C:\Program Files\Everest Poker\data\shared\fr\language.txt
C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps
C:\Program Files\Everest Poker\data\shared\shared\sounds
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
C:\Program Files\Everest Poker\data\startup\en
C:\Program Files\Everest Poker\data\startup\fr
C:\Program Files\Everest Poker\data\startup\shared
C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\fr\cstart.txt
C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\shared\bitmaps
C:\Program Files\Everest Poker\data\startup\shared\icons
C:\Program Files\Everest Poker\data\startup\shared\sounds
C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art
C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
C:\Program Files\Everest Poker\var\content-fr.dat
C:\Program Files\Everest Poker\var\Everest Casino.exe
C:\Program Files\Everest Poker
C:\Program Files\PartyGaming\PartyCasino
C:\Program Files\PartyGaming\PartyGaming.RPT
C:\Program Files\PartyGaming\PartyPoker
C:\Program Files\PartyGaming\tmpUpgrade
C:\Program Files\PartyGaming\PartyCasino\Images
C:\Program Files\PartyGaming\PartyCasino\Images\games
C:\Program Files\PartyGaming\PartyCasino\Images\sys_icons.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\cardgames
C:\Program Files\PartyGaming\PartyCasino\Images\games\cashier_button.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\exit_button.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\gamebalance_free.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\gamelogs_button.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\game_topbar_pff.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\version_button.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\cardgames\blackjack
C:\Program Files\PartyGaming\PartyCasino\Images\games\cardgames\pointer_R.gif
C:\Program Files\PartyGaming\PartyCasino\Images\games\cardgames\rules_button.jpg
C:\Program Files\PartyGaming\PartyCasino\Images\games\cardgames\blackjack\split_button.png
C:\Program Files\PartyGaming\PartyPoker\1177821.hhf
C:\Program Files\PartyGaming\PartyPoker\1185343.hhf
C:\Program Files\PartyGaming\PartyPoker\Articles
C:\Program Files\PartyGaming\PartyPoker\Images
C:\Program Files\PartyGaming\PartyPoker\Language
C:\Program Files\PartyGaming\PartyPoker\Notes.txt
C:\Program Files\PartyGaming\PartyPoker\Temp
C:\Program Files\PartyGaming\PartyPoker\tmpUpgrade
C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe
C:\Program Files\PartyGaming\PartyPoker\Articles\1.html
C:\Program Files\PartyGaming\PartyPoker\Articles\1066.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1082.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1222.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1224.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1228.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1244.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1256.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1260.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1947.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1949.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1953.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\1955.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\2.html
C:\Program Files\PartyGaming\PartyPoker\Articles\3.html
C:\Program Files\PartyGaming\PartyPoker\Articles\4.html
C:\Program Files\PartyGaming\PartyPoker\Articles\4876.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\4888.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5018.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5252.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5314.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5454.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5468.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5470.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5474.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5478.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5506.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5544.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5586.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5602.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5626.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5642.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5644.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5646.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5650.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5652.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5654.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5656.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\5696.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\824.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\880.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\964.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\966.atc
C:\Program Files\PartyGaming\PartyPoker\Articles\968.atc
C:\Program Files\PartyGaming\PartyPoker\Images\system_but_bingo.jpg
C:\Program Files\PartyGaming\PartyPoker\Images\system_but_gammon.jpg
C:\Program Files\PartyGaming\PartyPoker\Language\en_US
C:\Program Files\PartyGaming\PartyPoker\Language\en_US\articles
C:\Program Files\PartyGaming\PartyPoker\Temp\pop53.htm
C:\Program Files\PartyGaming\PartyPoker\Temp\pop53.tmp
C:\Program Files\PartyGaming\PartyPoker\tmpUpgrade\INSTALL.LOG
C:\Program Files\PartyGaming\PartyPoker\tmpUpgrade\upgradepp97-98man.exe
C:\Program Files\PartyGaming\tmpUpgrade\INSTALL.LOG
C:\Program Files\PartyGaming\tmpUpgrade\upgradePG95-96man.exe
C:\Program Files\PartyGaming
C:\DOCUME~1\ludo\APPLIC~1\Mozilla\Firefox\Profiles\pih6rbz7.default\searchplugins\ask.xml
C:\WINDOWS\System32\SIPSPI32.dll
C:\WINDOWS\gvcasinos.ini
C:\DOCUME~1\ludo\Bureau\Everest Poker.exe
C:\DOCUME~1\ALLUSE~1\Bureau\Everest Poker.lnk
C:\WINDOWS\Prefetch\EVEREST POKER.EXE-1046D877.pf
C:\DOCUME~1\ludo\Cookies\ludo@everestpokerblog[2].txt
C:\DOCUME~1\ludo\Cookies\ludo@everestpoker[1].txt
C:\DOCUME~1\ludo\Cookies\ludo@www.everestpoker[1].txt
C:\DOCUME~1\ludo\Cookies\ludo@partygaming.122.2o7[1].txt
C:\DOCUME~1\ludo\Cookies\ludo@partypoker[1].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.13 *
.
Nom du profil: pih6rbz7.default (ludo)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Ask");
(Prefs.js) user_pref("browser.search.selectedEngine", "Ask");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.13");
.
.
.
* Internet Explorer Version 7.0.5730.11 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: Window Title
Search Page: hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\patch_pers_5.0.372_375_to_5.0.376.exe
C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\patch_pers_5.0.383_384_to_5.0.385.exe
C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\Bases\Patches\patch_pers_5.0.388_390_to_5.0.391.exe
C:\Documents and Settings\ludo\Application Data\.ABC\torrent\Barbie.in.the.Nutcracker.FRENCH.DVDRiP.XviD-WhyNot.torrent
.
.
===================================
.
15467 Octet(s) - C:\Ad-Report-CLEAN.log
.
2 Fichier(s) - C:\DOCUME~1\ludo\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
34 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
50 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 15:11:02 | 03/09/2009
.
============== E.O.F ==============
.

Celui de navilog

Fix Navipromo version 4.0.2 commencé le 03/09/2009 14:21:15,65

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 27.08.2009 à 11h00 par IL-MAFIOSO

Recherche executée en mode normal

[b]Aucune Infection Navipromo/Egdaccess trouvée/b


*** Scan terminé 03/09/2009 14:40:21,54 ***

Voilà merc
0
Réponse 9 / 10
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
Salut,

Telecharges RSIT " Random's System Information Tool " sur ton bureau : http://images.malwareremoval.com/random/RSIT.exe

- Fermes toutes les applications en cours et double clic sur RSIT.exe
- Selectionnes " Continue " à l'ecran >> RSIT va analyser le pc et verifier si l'outil hijackthis ( version à jour) est present sur le pc, si ce n'est pas le cas, RSIT le telechargera >> acceptes la license
- Une fois l'analyse terminée, 2 rapports.txt s'ouvrent, log.txt à l'écran et info.txt dans la barre des taches
- Postes le contenu des 2 rapports
0
Réponse 10 / 10
bupbup2222 Messages postés 4 Statut Membre
 
voilà le rapport log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by ludo at 2009-09-04 16:09:32
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 19 GB (40%) free of 48 GB
Total RAM: 1022 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:51, on 04/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ludo\Bureau\RSIT.exe
C:\Documents and Settings\ludo\Bureau\ludo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Window Title
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [VAIO Update 3] "C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Install5G] F:\Install.exe plug_ethernet
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Bat - Auto Update.lnk = C:\Program Files\Bat\Bat.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
Huawei P8 Lite "nouveau tag ajouté"
ArianeKathleen -
Mn -

25 réponses
Nouveau tag ajouté - Utilité
Eerfers -
madmyke -

1 réponse
" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse