A voir également:
- Fenêtres pub intempestives besoin d'aide
- Youtube sans pub - Accueil - Streaming
- Netflix avec pub avis - Accueil - Streaming
- Bloqueur de pub youtube - Accueil - Streaming
- Stop pub gratuit - Télécharger - Divers Utilitaires
- Supprimer pub - Guide
11 réponses
eZula
Messages postés
3391
Date d'inscription
samedi 26 avril 2008
Statut
Contributeur
Dernière intervention
8 mai 2021
392
29 sept. 2009 à 16:37
29 sept. 2009 à 16:37
Bonjour,
télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip sur ton bureau
dézippe le dossier, double-clique sur GenProc.bat [img]http://forum.telecharger.01net.com/forum/[/img] et poste le contenu du rapport qui s'ouvre
Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html
télécharge GenProc http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip sur ton bureau
dézippe le dossier, double-clique sur GenProc.bat [img]http://forum.telecharger.01net.com/forum/[/img] et poste le contenu du rapport qui s'ouvre
Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html
marseillais76
Messages postés
153
Date d'inscription
lundi 28 septembre 2009
Statut
Membre
Dernière intervention
19 mars 2010
5
29 sept. 2009 à 16:40
29 sept. 2009 à 16:40
bonjour,
à mon avis, il faut virer les 3 lignes suivantes.
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll (file missing)
à mon avis, il faut virer les 3 lignes suivantes.
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll (file missing)
Merci pour ces promptes réponses voilà le rapport GenProc. Vos deux avis sont les bienvenus
Rapport GenProc 2.633 [1] - 30/09/2009 à 7:55:22
@ Windows XP Service Pack 3 - Mode normal
@ Mozilla Firefox (3.5.3) [Navigateur par défaut]
GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:57:24, on 30/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Paul Maheke\Bureau\GenProc\GenProc\outil\Paul Maheke_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.liberation.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c9b23fdd1c23e4) (gupdate1c9b23fdd1c23e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Rapport GenProc 2.633 [1] - 30/09/2009 à 7:55:22
@ Windows XP Service Pack 3 - Mode normal
@ Mozilla Firefox (3.5.3) [Navigateur par défaut]
GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:57:24, on 30/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Paul Maheke\Bureau\GenProc\GenProc\outil\Paul Maheke_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.liberation.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c9b23fdd1c23e4) (gupdate1c9b23fdd1c23e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
eZula
Messages postés
3391
Date d'inscription
samedi 26 avril 2008
Statut
Contributeur
Dernière intervention
8 mai 2021
392
30 sept. 2009 à 09:39
30 sept. 2009 à 09:39
Scanne ce fichier C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll sur le site VirusTotal et poste le rapport
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Je ne sais pas ce qui fait office de rapport mais voilà ce que j'ai eu une fois le fichier scanné, apparemment un fichier connu du site.
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.09.15 -
AhnLab-V3 5.0.0.2 2009.09.15 -
AntiVir 7.9.1.18 2009.09.15 -
Antiy-AVL 2.0.3.7 2009.09.15 -
Authentium 5.1.2.4 2009.09.15 -
Avast 4.8.1351.0 2009.09.15 -
AVG 8.5.0.412 2009.09.15 -
BitDefender 7.2 2009.09.15 -
CAT-QuickHeal 10.00 2009.09.15 -
ClamAV 0.94.1 2009.09.15 -
Comodo 2329 2009.09.15 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.09.15 -
eSafe 7.0.17.0 2009.09.15 -
eTrust-Vet 31.6.6738 2009.09.15 -
F-Prot 4.5.1.85 2009.09.15 -
F-Secure 8.0.14470.0 2009.09.15 -
Fortinet 3.120.0.0 2009.09.15 Adware/DoubleD
GData 19 2009.09.15 -
Ikarus T3.1.1.72.0 2009.09.15 -
Jiangmin 11.0.800 2009.09.15 -
K7AntiVirus 7.10.845 2009.09.15 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.09.15 -
McAfee 5742 2009.09.15 potentially unwanted program Adware-DoubleD
McAfee+Artemis 5742 2009.09.15 potentially unwanted program Adware-DoubleD
McAfee-GW-Edition 6.8.5 2009.09.15 -
Microsoft 1.5005 2009.09.15 -
NOD32 4427 2009.09.15 Win32/Adware.DoubleD.AE
Norman 6.01.09 2009.09.15 -
nProtect 2009.1.8.0 2009.09.15 -
Panda 10.0.2.2 2009.09.14 Trj/CI.A
PCTools 4.4.2.0 2009.09.14 -
Prevx 3.0 2009.09.15 -
Rising 21.47.14.00 2009.09.15 -
Sophos 4.45.0 2009.09.15 Internet Saving Optimizer
Sunbelt 3.2.1858.2 2009.09.15 -
Symantec 1.4.4.12 2009.09.15 SecurityRisk.Downldr
TheHacker 6.3.4.4.404 2009.09.15 -
TrendMicro 8.950.0.1094 2009.09.15 -
VBA32 3.12.10.10 2009.09.15 -
ViRobot 2009.9.15.1937 2009.09.15 -
VirusBuster 4.6.5.0 2009.09.15 -
Information additionnelle
File size: 196608 bytes
MD5 : 066b7aaeabb39a0b8ef11acdcb3a85de
SHA1 : 77805576dfaa41bd46d4089c68ce5c8c0cbfabad
SHA256: 3e9af651a912fc8e36c810d603ca44f62706fb0290ec08dc3aec16be0550d6eb
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10C5F
timedatestamp.....: 0x4A9B2FE4 (Mon Aug 31 04:05:24 2009)
machinetype.......: 0x14C (Intel I386)
( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1DDD4 0x1E000 6.68 8a30ea5b2db005e94c63eb6c2d732862
.rdata 0x1F000 0x7768 0x8000 4.67 96ed88cdfcc1443e0b0fae0525bbb019
.data 0x27000 0x3C00 0x2000 3.92 62c8268a975d6b9f72f1bf14dcadbbfc
NPHELPER 0x2B000 0x4 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
.rsrc 0x2C000 0x10A8 0x2000 4.70 6a34d6526c89c53c1033404ef979bd1f
.reloc 0x2E000 0x3742 0x4000 4.20 d33b193aea146cc39662f811721913d7
( 11 imports )
> advapi32.dll: SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegCreateKeyW, RegEnumKeyExW, RegQueryValueExW
> kernel32.dll: CreateThread, ExitThread, Sleep, GetExitCodeProcess, WaitForSingleObject, CreateProcessW, GetCurrentThreadId, GetModuleHandleW, LoadLibraryExW, FindResourceW, LoadResource, SizeofResource, FreeLibrary, DisableThreadLibraryCalls, GetModuleFileNameW, FindFirstFileW, DeleteFileW, FindNextFileW, FindClose, RemoveDirectoryW, OutputDebugStringW, DebugBreak, lstrlenA, InterlockedIncrement, InterlockedDecrement, MultiByteToWideChar, lstrcmpiW, GetLastError, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, lstrlenW, WaitForMultipleObjects, CreateEventW, GetExitCodeThread, ResetEvent, TerminateThread, SetEvent, CreateMutexW, ReleaseMutex, SetEnvironmentVariableA, CompareStringW, CompareStringA, CreateFileA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetStringTypeW, GetStringTypeA, InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, GetVersionExA, CloseHandle, LoadLibraryA, GetModuleHandleA, WideCharToMultiByte, GetCurrentProcess, SetLastError, GlobalAlloc, GetTickCount, GlobalFree, GetProcAddress, GetVersionExW, LoadLibraryW, HeapAlloc, HeapFree, RtlUnwind, MoveFileW, HeapReAlloc, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCommandLineA, GetProcessHeap, VirtualFree, VirtualAlloc, HeapDestroy, HeapCreate, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, GetCPInfo, GetOEMCP, IsValidCodePage, HeapSize, GetTimeZoneInformation, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetCurrentProcessId, SetFilePointer, GetConsoleCP, GetConsoleMode, FlushFileBuffers, LCMapStringA, LCMapStringW
> npcommon.dll: __1CNPConfigMgr@@UAE@XZ, __0CNPConfigMgr@@QAE@XZ
> ole32.dll: CoTaskMemFree, CoInitialize, CoUninitialize, StringFromGUID2, CoTaskMemAlloc, CoTaskMemRealloc, CoCreateInstance
> oleaut32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> shell32.dll: SHGetFolderPathW
> shlwapi.dll: UrlGetPartW
> urlmon.dll: URLDownloadToFileW
> user32.dll: GetParent, UnregisterClassA, FindWindowExW, CharNextW, CharLowerW, wvsprintfW, wsprintfW, DestroyWindow, IsWindow, ShowWindow, SetWindowPos, SwitchToThisWindow, LoadStringW
> version.dll: GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
> wininet.dll: InternetConnectW, InternetCloseHandle, HttpQueryInfoW, HttpOpenRequestW, HttpSendRequestW, InternetOpenW
( 1 exports )
> DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
TrID : File type identification
DirectShow filter (52.6%)
Windows OCX File (32.2%)
Win32 Executable MS Visual C++ (generic) (9.8%)
Win32 Executable Generic (2.2%)
Win32 Dynamic Link Library (generic) (1.9%)
ssdeep: 3072:fhzFucA0nXHmvsgr3chhVPvDSokZI9tjEK0:fr52x3SV+okUE
PEiD : -
RDS : NSRL Reference Data Set
-
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.09.15 -
AhnLab-V3 5.0.0.2 2009.09.15 -
AntiVir 7.9.1.18 2009.09.15 -
Antiy-AVL 2.0.3.7 2009.09.15 -
Authentium 5.1.2.4 2009.09.15 -
Avast 4.8.1351.0 2009.09.15 -
AVG 8.5.0.412 2009.09.15 -
BitDefender 7.2 2009.09.15 -
CAT-QuickHeal 10.00 2009.09.15 -
ClamAV 0.94.1 2009.09.15 -
Comodo 2329 2009.09.15 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.09.15 -
eSafe 7.0.17.0 2009.09.15 -
eTrust-Vet 31.6.6738 2009.09.15 -
F-Prot 4.5.1.85 2009.09.15 -
F-Secure 8.0.14470.0 2009.09.15 -
Fortinet 3.120.0.0 2009.09.15 Adware/DoubleD
GData 19 2009.09.15 -
Ikarus T3.1.1.72.0 2009.09.15 -
Jiangmin 11.0.800 2009.09.15 -
K7AntiVirus 7.10.845 2009.09.15 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.09.15 -
McAfee 5742 2009.09.15 potentially unwanted program Adware-DoubleD
McAfee+Artemis 5742 2009.09.15 potentially unwanted program Adware-DoubleD
McAfee-GW-Edition 6.8.5 2009.09.15 -
Microsoft 1.5005 2009.09.15 -
NOD32 4427 2009.09.15 Win32/Adware.DoubleD.AE
Norman 6.01.09 2009.09.15 -
nProtect 2009.1.8.0 2009.09.15 -
Panda 10.0.2.2 2009.09.14 Trj/CI.A
PCTools 4.4.2.0 2009.09.14 -
Prevx 3.0 2009.09.15 -
Rising 21.47.14.00 2009.09.15 -
Sophos 4.45.0 2009.09.15 Internet Saving Optimizer
Sunbelt 3.2.1858.2 2009.09.15 -
Symantec 1.4.4.12 2009.09.15 SecurityRisk.Downldr
TheHacker 6.3.4.4.404 2009.09.15 -
TrendMicro 8.950.0.1094 2009.09.15 -
VBA32 3.12.10.10 2009.09.15 -
ViRobot 2009.9.15.1937 2009.09.15 -
VirusBuster 4.6.5.0 2009.09.15 -
Information additionnelle
File size: 196608 bytes
MD5 : 066b7aaeabb39a0b8ef11acdcb3a85de
SHA1 : 77805576dfaa41bd46d4089c68ce5c8c0cbfabad
SHA256: 3e9af651a912fc8e36c810d603ca44f62706fb0290ec08dc3aec16be0550d6eb
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10C5F
timedatestamp.....: 0x4A9B2FE4 (Mon Aug 31 04:05:24 2009)
machinetype.......: 0x14C (Intel I386)
( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1DDD4 0x1E000 6.68 8a30ea5b2db005e94c63eb6c2d732862
.rdata 0x1F000 0x7768 0x8000 4.67 96ed88cdfcc1443e0b0fae0525bbb019
.data 0x27000 0x3C00 0x2000 3.92 62c8268a975d6b9f72f1bf14dcadbbfc
NPHELPER 0x2B000 0x4 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
.rsrc 0x2C000 0x10A8 0x2000 4.70 6a34d6526c89c53c1033404ef979bd1f
.reloc 0x2E000 0x3742 0x4000 4.20 d33b193aea146cc39662f811721913d7
( 11 imports )
> advapi32.dll: SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegCreateKeyW, RegEnumKeyExW, RegQueryValueExW
> kernel32.dll: CreateThread, ExitThread, Sleep, GetExitCodeProcess, WaitForSingleObject, CreateProcessW, GetCurrentThreadId, GetModuleHandleW, LoadLibraryExW, FindResourceW, LoadResource, SizeofResource, FreeLibrary, DisableThreadLibraryCalls, GetModuleFileNameW, FindFirstFileW, DeleteFileW, FindNextFileW, FindClose, RemoveDirectoryW, OutputDebugStringW, DebugBreak, lstrlenA, InterlockedIncrement, InterlockedDecrement, MultiByteToWideChar, lstrcmpiW, GetLastError, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, lstrlenW, WaitForMultipleObjects, CreateEventW, GetExitCodeThread, ResetEvent, TerminateThread, SetEvent, CreateMutexW, ReleaseMutex, SetEnvironmentVariableA, CompareStringW, CompareStringA, CreateFileA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetStringTypeW, GetStringTypeA, InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, GetVersionExA, CloseHandle, LoadLibraryA, GetModuleHandleA, WideCharToMultiByte, GetCurrentProcess, SetLastError, GlobalAlloc, GetTickCount, GlobalFree, GetProcAddress, GetVersionExW, LoadLibraryW, HeapAlloc, HeapFree, RtlUnwind, MoveFileW, HeapReAlloc, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCommandLineA, GetProcessHeap, VirtualFree, VirtualAlloc, HeapDestroy, HeapCreate, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, GetCPInfo, GetOEMCP, IsValidCodePage, HeapSize, GetTimeZoneInformation, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetCurrentProcessId, SetFilePointer, GetConsoleCP, GetConsoleMode, FlushFileBuffers, LCMapStringA, LCMapStringW
> npcommon.dll: __1CNPConfigMgr@@UAE@XZ, __0CNPConfigMgr@@QAE@XZ
> ole32.dll: CoTaskMemFree, CoInitialize, CoUninitialize, StringFromGUID2, CoTaskMemAlloc, CoTaskMemRealloc, CoCreateInstance
> oleaut32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> shell32.dll: SHGetFolderPathW
> shlwapi.dll: UrlGetPartW
> urlmon.dll: URLDownloadToFileW
> user32.dll: GetParent, UnregisterClassA, FindWindowExW, CharNextW, CharLowerW, wvsprintfW, wsprintfW, DestroyWindow, IsWindow, ShowWindow, SetWindowPos, SwitchToThisWindow, LoadStringW
> version.dll: GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW
> wininet.dll: InternetConnectW, InternetCloseHandle, HttpQueryInfoW, HttpOpenRequestW, HttpSendRequestW, InternetOpenW
( 1 exports )
> DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
TrID : File type identification
DirectShow filter (52.6%)
Windows OCX File (32.2%)
Win32 Executable MS Visual C++ (generic) (9.8%)
Win32 Executable Generic (2.2%)
Win32 Dynamic Link Library (generic) (1.9%)
ssdeep: 3072:fhzFucA0nXHmvsgr3chhVPvDSokZI9tjEK0:fr52x3SV+okUE
PEiD : -
RDS : NSRL Reference Data Set
-
eZula
Messages postés
3391
Date d'inscription
samedi 26 avril 2008
Statut
Contributeur
Dernière intervention
8 mai 2021
392
30 sept. 2009 à 17:10
30 sept. 2009 à 17:10
Désinstalle ce programme "Internet Saving Optimizer" il n'a pas l'air très net
ensuite fais le scan nod32 suggéré par GenProc
ensuite fais le scan nod32 suggéré par GenProc
Voilà supprimé, j'ai fait un deuxième scan je ne sais pas si c'est bien ça que tu appelles nod32.
Rapport GenProc 2.633 [2] - 30/09/2009 à 17:20:47
@ Windows XP Service Pack 3 - Mode normal
@ Mozilla Firefox (3.5.3) [Navigateur par défaut]
GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:22:06, on 30/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Paul Maheke\Bureau\GenProc\GenProc\outil\Paul Maheke_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.liberation.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c9b23fdd1c23e4) (gupdate1c9b23fdd1c23e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Rapport GenProc 2.633 [2] - 30/09/2009 à 17:20:47
@ Windows XP Service Pack 3 - Mode normal
@ Mozilla Firefox (3.5.3) [Navigateur par défaut]
GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:22:06, on 30/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Paul Maheke\Bureau\GenProc\GenProc\outil\Paul Maheke_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.liberation.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.1.1010\ssd.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate1c9b23fdd1c23e4) (gupdate1c9b23fdd1c23e4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
eZula
Messages postés
3391
Date d'inscription
samedi 26 avril 2008
Statut
Contributeur
Dernière intervention
8 mai 2021
392
30 sept. 2009 à 17:34
30 sept. 2009 à 17:34
Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
scan fait
voici le résultat de l'analyse
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CPER4H2R\upgrade[1].cab Win32/Adware.OneStep.A application supprimé - mis en quarantaine
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\S5URWTIB\upgrade[1].cab Win32/Adware.OneStep.A application supprimé - mis en quarantaine
voici le résultat de l'analyse
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CPER4H2R\upgrade[1].cab Win32/Adware.OneStep.A application supprimé - mis en quarantaine
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\S5URWTIB\upgrade[1].cab Win32/Adware.OneStep.A application supprimé - mis en quarantaine
eZula
Messages postés
3391
Date d'inscription
samedi 26 avril 2008
Statut
Contributeur
Dernière intervention
8 mai 2021
392
30 sept. 2009 à 19:02
30 sept. 2009 à 19:02
où en sont tes problèmes ?
PS / installe IE8
PS / installe IE8