Virus total security besoin d'aide merci
discus2008
Messages postés
21
Statut
Membre
-
Xplode Messages postés 9212 Statut Contributeur sécurité -
Xplode Messages postés 9212 Statut Contributeur sécurité -
Bonjour,
J'ai donc le virus total security , j'ai fait un scan anti malware ( j'ai mis en quarantaine et supprimé ) et voici le rapport:
Merci de bien vouloir m'aider et me dire quoi faire ensuite car je suis perdu ;-)
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2866
Windows 5.1.2600 Service Pack 3
28/09/2009 12:29:50
mbam-log-2009-09-28 (12-29-50).txt
Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 170302
Temps écoulé: 40 minute(s), 14 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 26
Processus mémoire infecté(s):
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ts (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux (Trojan.JSRedir.H) -> Bad: (C:\WINDOWS\system32\..\sdbf.tex) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\Fichiers communs\TSUninstall (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\sdbf.tex (Trojan.JSRedir.H) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U70Z8JEN\gibidl[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U70Z8JEN\gibsvc[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\WXCTGHIB\gibcom[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Y7WJIN0L\gibupt[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Y7WJIN0L\gibusr[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibidl.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095197.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095198.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095199.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095200.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP931\A0099563.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\TSUninstall\Uninstall.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\TOP\Bureau\Total Security.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Computer Scan.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Help.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Registration.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Security Center.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Settings.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Total Security.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Update.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\TOP\Application Data\Microsoft\Internet Explorer\Quick Launch\TS.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Program Files\TS\tsc.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
J'ai donc le virus total security , j'ai fait un scan anti malware ( j'ai mis en quarantaine et supprimé ) et voici le rapport:
Merci de bien vouloir m'aider et me dire quoi faire ensuite car je suis perdu ;-)
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2866
Windows 5.1.2600 Service Pack 3
28/09/2009 12:29:50
mbam-log-2009-09-28 (12-29-50).txt
Type de recherche: Examen complet (C:\|D:\|E:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 170302
Temps écoulé: 40 minute(s), 14 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 26
Processus mémoire infecté(s):
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winsvc (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ts (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux (Trojan.JSRedir.H) -> Bad: (C:\WINDOWS\system32\..\sdbf.tex) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
C:\Program Files\Fichiers communs\TSUninstall (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\sdbf.tex (Trojan.JSRedir.H) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U70Z8JEN\gibidl[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\U70Z8JEN\gibsvc[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\WXCTGHIB\gibcom[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Y7WJIN0L\gibupt[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\Y7WJIN0L\gibusr[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibcom.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibidl.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibupt.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095197.dll (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095198.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095199.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP873\A0095200.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6C3CAB59-F87E-46DF-A7BC-F3653627E50C}\RP931\A0099563.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Fichiers communs\TSUninstall\Uninstall.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\TOP\Bureau\Total Security.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Computer Scan.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Help.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Registration.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Security Center.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Settings.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Total Security.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\TS\Update.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Documents and Settings\TOP\Application Data\Microsoft\Internet Explorer\Quick Launch\TS.lnk (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
C:\Program Files\TS\tsc.exe (Rogue.TotalSecurity) -> Quarantined and deleted successfully.
A voir également:
- Virus total security besoin d'aide merci
- Microsoft security essentials - Télécharger - Antivirus & Antimalwares
- Total uninstall - Télécharger - Divers Utilitaires
- 360 total security - Télécharger - Antivirus & Antimalwares
- Virus mcafee - Accueil - Piratage
- Roland souhaite calculer le montant total des ventes de son magasin. le fichier contient, pour chaque produit, la quantité vendue et le prix unitaire. calculez le montant total des ventes. ✓ - Forum Excel
30 réponses
Salut, fais ceci maintenant :
SuperAntiSpyware ---->
[x] Télécharge SuperAntiSpyware à cette adresse : http://dl.commentcamarche.net/www.commentcamarche.net/download/files/SUPERAntiSpyware4.28.1010.exe
[x] Suis la procédure d'installation
[x] Séléctionne " French " dans la fenêtre " language " qui s'ouvrira
[x] Clique sur " Oui " dans la fenêtre qui te demanderas si tu veux mettre à jour SuperAntiSpyware
[x] Dans la fenêtre de configuration qui s'ouvrira avec la MaJ , laisse les options par défaut et clique sur suivant.
[x] Au menu principal, séléctionne " Scanner votre ordinateur "
[x] A droite de la fenêtre, coche " Executer scan complet " puis clique sur " Suivant "
[x] Patiente pendant le scan
[x] Si des éléments sont détectés, vérifie qu'ils sont tous cochés plus clique sur suivant
[x] Il te sera peut être proposé de redémarrer, fais le.
[x] Relance SaS, puis clique sur " Préférences "
[x] Va dans l'onglet " Statistiques/Journaux de bord "
[x] Clique sur le rapport puis sur " Voir le journal de bord "
[x] Copie/Colle son contenu ( CTRL+A pour tout séléctionner, CTRL+C pour copier, CTRL+V pour coller ) dans ton prochain message.
----------------
ESET Nod32 Scan en ligne ----->
[x] Rends toi sur ce site : https://www.eset.com/
/!\ Il faut que tu utilises internet explorer pour faire l'analyse en ligne /!\
[x] Coche " Oui, j'accepte.... " puis cliques sur " Start ".
[x] Attend un peu le chargement de la page, puis clique sur le bandeau jaune en haut de
l'écran " Ce site nécessite.... OnlineScanner.cab... "
-> Clique sur " Installer le contrôle ActiveX "
-> Confirme ensuite en cliquant sur " Installer " dans la petite fenêtre qui s'ouvre.
[x] Clique sur paramètre avancé, puis coche " Rechercher les applications potentiellement dangereuses " , vérifie que les deux premieres cases sont elles aussi cochées.
[x] Le scanner se mettra à jour, celà peut prendre un certain temps
[x] L'analyse va ensuite s'effectuer.
[x] Copie/Colle le rapport dans ton prochain message. ( C:\ESET\...\log.txt )
SuperAntiSpyware ---->
[x] Télécharge SuperAntiSpyware à cette adresse : http://dl.commentcamarche.net/www.commentcamarche.net/download/files/SUPERAntiSpyware4.28.1010.exe
[x] Suis la procédure d'installation
[x] Séléctionne " French " dans la fenêtre " language " qui s'ouvrira
[x] Clique sur " Oui " dans la fenêtre qui te demanderas si tu veux mettre à jour SuperAntiSpyware
[x] Dans la fenêtre de configuration qui s'ouvrira avec la MaJ , laisse les options par défaut et clique sur suivant.
[x] Au menu principal, séléctionne " Scanner votre ordinateur "
[x] A droite de la fenêtre, coche " Executer scan complet " puis clique sur " Suivant "
[x] Patiente pendant le scan
[x] Si des éléments sont détectés, vérifie qu'ils sont tous cochés plus clique sur suivant
[x] Il te sera peut être proposé de redémarrer, fais le.
[x] Relance SaS, puis clique sur " Préférences "
[x] Va dans l'onglet " Statistiques/Journaux de bord "
[x] Clique sur le rapport puis sur " Voir le journal de bord "
[x] Copie/Colle son contenu ( CTRL+A pour tout séléctionner, CTRL+C pour copier, CTRL+V pour coller ) dans ton prochain message.
----------------
ESET Nod32 Scan en ligne ----->
[x] Rends toi sur ce site : https://www.eset.com/
/!\ Il faut que tu utilises internet explorer pour faire l'analyse en ligne /!\
[x] Coche " Oui, j'accepte.... " puis cliques sur " Start ".
[x] Attend un peu le chargement de la page, puis clique sur le bandeau jaune en haut de
l'écran " Ce site nécessite.... OnlineScanner.cab... "
-> Clique sur " Installer le contrôle ActiveX "
-> Confirme ensuite en cliquant sur " Installer " dans la petite fenêtre qui s'ouvre.
[x] Clique sur paramètre avancé, puis coche " Rechercher les applications potentiellement dangereuses " , vérifie que les deux premieres cases sont elles aussi cochées.
[x] Le scanner se mettra à jour, celà peut prendre un certain temps
[x] L'analyse va ensuite s'effectuer.
[x] Copie/Colle le rapport dans ton prochain message. ( C:\ESET\...\log.txt )
salut,
voici le rapport du super antispyware:
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/
Generated 10/05/2009 at 04:28 PM
Application Version : 4.28.1010
Core Rules Database Version : 4145
Trace Rules Database Version: 2075
Scan type : Complete Scan
Total Scan Time : 00:37:23
Memory items scanned : 610
Memory threats detected : 0
Registry items scanned : 5024
Registry threats detected : 0
File items scanned : 21507
File threats detected : 54
Adware.Tracking Cookie
C:\Documents and Settings\TOP\Cookies\top@tradedoubler[1].txt
C:\Documents and Settings\TOP\Cookies\top@advertising[2].txt
C:\Documents and Settings\TOP\Cookies\top@adviva[2].txt
C:\Documents and Settings\TOP\Cookies\top@statse.webtrendslive[2].txt
C:\Documents and Settings\TOP\Cookies\top@burstnet[1].txt
C:\Documents and Settings\TOP\Cookies\top@bs.serving-sys[1].txt
C:\Documents and Settings\TOP\Cookies\top@ad.doctissimo[1].txt
C:\Documents and Settings\TOP\Cookies\top@xiti[1].txt
C:\Documents and Settings\TOP\Cookies\top@elle.solution.weborama[1].txt
C:\Documents and Settings\TOP\Cookies\top@msnportal.112.2o7[1].txt
C:\Documents and Settings\TOP\Cookies\top@at.atwola[2].txt
C:\Documents and Settings\TOP\Cookies\top@apmebf[1].txt
C:\Documents and Settings\TOP\Cookies\top@adrevolver[2].txt
C:\Documents and Settings\TOP\Cookies\top@fastclick[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[1].txt
C:\Documents and Settings\TOP\Cookies\top@atdmt[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[5].txt
C:\Documents and Settings\TOP\Cookies\top@media.adrevolver[1].txt
C:\Documents and Settings\TOP\Cookies\top@fortuneopub.solution.weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@www.smartadserver[1].txt
C:\Documents and Settings\TOP\Cookies\top@sarenza.db.advertising[2].txt
C:\Documents and Settings\TOP\Cookies\top@tracking.publicidees[1].txt
C:\Documents and Settings\TOP\Cookies\top@fr.sitestat[2].txt
C:\Documents and Settings\TOP\Cookies\top@ad.yieldmanager[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[4].txt
C:\Documents and Settings\TOP\Cookies\top@bluestreak[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[6].txt
C:\Documents and Settings\TOP\Cookies\top@weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@fr.sitestat[1].txt
C:\Documents and Settings\TOP\Cookies\top@hitbox[2].txt
C:\Documents and Settings\TOP\Cookies\top@stat.dealtime[1].txt
C:\Documents and Settings\TOP\Cookies\top@estat[1].txt
C:\Documents and Settings\TOP\Cookies\top@247realmedia[1].txt
C:\Documents and Settings\TOP\Cookies\top@mediaplex[1].txt
C:\Documents and Settings\TOP\Cookies\top@tracking.veille-referencement[1].txt
C:\Documents and Settings\TOP\Cookies\top@aimfar.solution.weborama[1].txt
C:\Documents and Settings\TOP\Cookies\top@doubleclick[1].txt
C:\Documents and Settings\TOP\Cookies\top@ad.zanox[1].txt
C:\Documents and Settings\TOP\Cookies\top@lagarderefrance.solution.weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@serving-sys[2].txt
C:\Documents and Settings\TOP\Cookies\top@boursoramabanque.solution.weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@tacoda[2].txt
C:\Documents and Settings\TOP\Cookies\top@advertstream[2].txt
C:\Documents and Settings\TOP\Cookies\top@smartadserver[2].txt
C:\Documents and Settings\TOP\Cookies\top@ww57.smartadserver[1].txt
C:\Documents and Settings\TOP\Cookies\top@1.sharkadnetwork[2].txt
C:\Documents and Settings\TOP\Cookies\top@www3.smartadserver[1].txt
C:\Documents and Settings\TOP\Cookies\top@adtech[2].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[2].txt
C:\Documents and Settings\TOP\Cookies\top@ehg-nestlefr.hitbox[1].txt
C:\Documents and Settings\TOP\Cookies\top@statsweb.bnpparibas[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[3].txt
C:\Documents and Settings\TOP\Cookies\top@baseco.solution.weborama[1].txt
C:\Documents and Settings\TOP\Cookies\top@adserver.aol[1].txt
voici le rapport du super antispyware:
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/
Generated 10/05/2009 at 04:28 PM
Application Version : 4.28.1010
Core Rules Database Version : 4145
Trace Rules Database Version: 2075
Scan type : Complete Scan
Total Scan Time : 00:37:23
Memory items scanned : 610
Memory threats detected : 0
Registry items scanned : 5024
Registry threats detected : 0
File items scanned : 21507
File threats detected : 54
Adware.Tracking Cookie
C:\Documents and Settings\TOP\Cookies\top@tradedoubler[1].txt
C:\Documents and Settings\TOP\Cookies\top@advertising[2].txt
C:\Documents and Settings\TOP\Cookies\top@adviva[2].txt
C:\Documents and Settings\TOP\Cookies\top@statse.webtrendslive[2].txt
C:\Documents and Settings\TOP\Cookies\top@burstnet[1].txt
C:\Documents and Settings\TOP\Cookies\top@bs.serving-sys[1].txt
C:\Documents and Settings\TOP\Cookies\top@ad.doctissimo[1].txt
C:\Documents and Settings\TOP\Cookies\top@xiti[1].txt
C:\Documents and Settings\TOP\Cookies\top@elle.solution.weborama[1].txt
C:\Documents and Settings\TOP\Cookies\top@msnportal.112.2o7[1].txt
C:\Documents and Settings\TOP\Cookies\top@at.atwola[2].txt
C:\Documents and Settings\TOP\Cookies\top@apmebf[1].txt
C:\Documents and Settings\TOP\Cookies\top@adrevolver[2].txt
C:\Documents and Settings\TOP\Cookies\top@fastclick[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[1].txt
C:\Documents and Settings\TOP\Cookies\top@atdmt[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[5].txt
C:\Documents and Settings\TOP\Cookies\top@media.adrevolver[1].txt
C:\Documents and Settings\TOP\Cookies\top@fortuneopub.solution.weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@www.smartadserver[1].txt
C:\Documents and Settings\TOP\Cookies\top@sarenza.db.advertising[2].txt
C:\Documents and Settings\TOP\Cookies\top@tracking.publicidees[1].txt
C:\Documents and Settings\TOP\Cookies\top@fr.sitestat[2].txt
C:\Documents and Settings\TOP\Cookies\top@ad.yieldmanager[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[4].txt
C:\Documents and Settings\TOP\Cookies\top@bluestreak[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[6].txt
C:\Documents and Settings\TOP\Cookies\top@weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@fr.sitestat[1].txt
C:\Documents and Settings\TOP\Cookies\top@hitbox[2].txt
C:\Documents and Settings\TOP\Cookies\top@stat.dealtime[1].txt
C:\Documents and Settings\TOP\Cookies\top@estat[1].txt
C:\Documents and Settings\TOP\Cookies\top@247realmedia[1].txt
C:\Documents and Settings\TOP\Cookies\top@mediaplex[1].txt
C:\Documents and Settings\TOP\Cookies\top@tracking.veille-referencement[1].txt
C:\Documents and Settings\TOP\Cookies\top@aimfar.solution.weborama[1].txt
C:\Documents and Settings\TOP\Cookies\top@doubleclick[1].txt
C:\Documents and Settings\TOP\Cookies\top@ad.zanox[1].txt
C:\Documents and Settings\TOP\Cookies\top@lagarderefrance.solution.weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@serving-sys[2].txt
C:\Documents and Settings\TOP\Cookies\top@boursoramabanque.solution.weborama[2].txt
C:\Documents and Settings\TOP\Cookies\top@tacoda[2].txt
C:\Documents and Settings\TOP\Cookies\top@advertstream[2].txt
C:\Documents and Settings\TOP\Cookies\top@smartadserver[2].txt
C:\Documents and Settings\TOP\Cookies\top@ww57.smartadserver[1].txt
C:\Documents and Settings\TOP\Cookies\top@1.sharkadnetwork[2].txt
C:\Documents and Settings\TOP\Cookies\top@www3.smartadserver[1].txt
C:\Documents and Settings\TOP\Cookies\top@adtech[2].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[2].txt
C:\Documents and Settings\TOP\Cookies\top@ehg-nestlefr.hitbox[1].txt
C:\Documents and Settings\TOP\Cookies\top@statsweb.bnpparibas[1].txt
C:\Documents and Settings\TOP\Cookies\top@www.googleadservices[3].txt
C:\Documents and Settings\TOP\Cookies\top@baseco.solution.weborama[1].txt
C:\Documents and Settings\TOP\Cookies\top@adserver.aol[1].txt
je suis entrain de le faire
peux tu me donner l'adresse complete pour retrouver le log ensuite
car tu m'as mis C:\ESET\...\log.txt
merci
peux tu me donner l'adresse complete pour retrouver le log ensuite
car tu m'as mis C:\ESET\...\log.txt
merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Je n'ai eu aucun rapport apres ESETcar aucun fichier detecté, mais quand je recherche dans executer il ne reconnait pas ESET.
Que dois je faire ensuite?
Merci pour ton aide
Que dois je faire ensuite?
Merci pour ton aide
Ok, tu peux désinstaller ESET via ajout/suppression de programme si ce n'est pas déjà fait.
Reposte un log RSIT
Reposte un log RSIT
ok c'est fait je te mets le log rsit
Logfile of random's system information tool 1.06 (written by random/random)
Run by TOP at 2009-10-05 21:17:01
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 62 GB (84%) free of 74 GB
Total RAM: 959 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:17:04, on 05/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\UMonit2K.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\TOP\Bureau\RSIT.exe
C:\Program Files\Trend Micro\TOP.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - C:\PROGRA~1\ORANGE~1\TOOLBA~2.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\UMonit2K.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\DOCUME~1\TOP\LOCALS~1\Temp\cce71D1.html
O8 - Extra context menu item: traduire la page - C:\DOCUME~1\TOP\LOCALS~1\Temp\cce71CF.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\TOP\LOCALS~1\Temp\cce71D0.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by TOP at 2009-10-05 21:17:01
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 62 GB (84%) free of 74 GB
Total RAM: 959 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:17:04, on 05/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\UMonit2K.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\TOP\Bureau\RSIT.exe
C:\Program Files\Trend Micro\TOP.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - C:\PROGRA~1\ORANGE~1\TOOLBA~2.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\UMonit2K.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\DOCUME~1\TOP\LOCALS~1\Temp\cce71D1.html
O8 - Extra context menu item: traduire la page - C:\DOCUME~1\TOP\LOCALS~1\Temp\cce71CF.html
O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\TOP\LOCALS~1\Temp\cce71D0.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Orange Toolbar FR\ToolbarContainer101000313.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
