Very slow PC

Closed
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 - 12 Oct. 2009 at 19:03
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 - 15 Oct. 2009 at 13:29
Hello,
Since this morning my computer has been very slow.

I downloaded a file; could this be the cause?

Thanks for your help
22 replies

nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
12 Oct. 2009 at 19:05
Download RSIT ("Random's System Information Tool") to your desktop: http://images.malwareremoval.com/random/RSIT.exe

- Close all running applications and double-click RSIT.exe

- Select "Continue" on the screen >> RSIT will analyze the PC and check whether the HijackThis tool (up-to-date version) is present on the PC; if it is not, RSIT will download it >> accept the license

- Once the analysis is finished, 2 .txt reports open: log.txt on screen and info.txt in the taskbar

- Post the contents of both reports
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
12 Oct. 2009 at 19:15
Thanks for your help

Here is the log report

Logfile of random's system information tool 1.06 (written by random/random)
Run by Steve at 2009-10-12 19:12:28
Microsoft® Windows Vista™ Professionnel Service Pack 2
System drive C: has 75 GB (50%) free of 150 GB
Total RAM: 2045 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:45, on 12/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\msb.exe
C:\Users\Steve\AppData\Local\Temp\b.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\wiaacmgr.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\rundll32.exe
C:\Users\Steve\AppData\Local\Spoon\3.14.0.5\Spoon-Sandbox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
C:\Users\Steve\Desktop\RSIT.exe
C:\Program Files\trend micro\Steve.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpriteService] "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SEO Soft] C:\Users\Steve\Desktop\Danwood\stat.exe 0 20
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PopRock] C:\Users\Steve\AppData\Local\Temp\b.exe
O4 - Startup: Spoon Sandbox Manager 3.14.lnk = Steve\AppData\Local\Spoon\3.14.0.5\Spoon-Sandbox.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) - https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://connect.ebm.ch/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks - C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
12 Oct. 2009 at 19:32
OK, download GenProc here: http://www.genproc.com/GenProc.exe

Launch it (double-click) and let it run; afterwards, answer yes to the question and post the report for me.
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
12 Oct. 2009 at 19:51
Here is the result

Rapport GenProc 2.637 [1] - 12/10/2009 à 19:42:59
@ Windows Vista Service Pack 2 - Mode normal
@ Internet Explorer (8.0.6001.18813) [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :


Poste un rapport NanoScan https://www.micro-astuce.com/securite/NanoScan-Panda.php





~~~~ INFORMATION COMPLEMENTAIRE ~~~~


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:44:06, on 12/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\msb.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\wiaacmgr.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\rundll32.exe
C:\Users\Steve\AppData\Local\Spoon\3.14.0.5\Spoon-Sandbox.exe
C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Steve\AppData\Local\Temp\b.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\cmd.exe
C:\GenProc\outil\Steve_GenProc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpriteService] "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SEO Soft] C:\Users\Steve\Desktop\Danwood\stat.exe 0 20
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PopRock] C:\Users\Steve\AppData\Local\Temp\b.exe
O4 - Startup: Spoon Sandbox Manager 3.14.lnk = Steve\AppData\Local\Spoon\3.14.0.5\Spoon-Sandbox.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) - https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://connect.ebm.ch/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks - C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
0

nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
12 Oct. 2009 at 19:57
Plug in all your USB keys and external hard drives that might be infected.

Download UsbFix: http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

Launch it (plug in the key first) and press f then Enter. Then 1 then Enter.

Tutorial here: https://www.malekal.com/usbfix-supprimer-virus-usb/
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
12 Oct. 2009 at 20:12
Here is the report


############################## | UsbFix V6.041 |

User : Steve (Administrateurs) # ORDI_BAS
Update on 12/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:06:46 | 12/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz
Microsoft® Windows Vista™ Professionnel (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18813
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 146,95 Go (72,87 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 2 Go (1,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM # 140,42 Mo (0 Mo free) [Berlin Sept 2009] # CDFS
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
K:\ -> Disque fixe local # 125,46 Go (28,32 Go free) [Ancien C] # NTFS
L:\ -> Disque fixe local # 97,65 Go (48,15 Go free) [Ancien D] # NTFS
M:\ -> Disque fixe local # 9,76 Go (5,4 Go free) [RECOVER] # FAT32

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\msb.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\wiaacmgr.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\rundll32.exe
C:\Users\Steve\AppData\Local\Spoon\3.14.0.5\Spoon-Sandbox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wscript.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Steve\AppData\Local\Temp\b.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

C:\Users\Steve\AppData\Local\Temp\a.exe
C:\Users\Steve\AppData\Local\Temp\b.exe
C:\Users\Steve\AppData\Local\Temp\c.exe

################## | Registre # Clés Run infectieuses |

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PopRock"
[HKU\S-1-5-21-3693842778-762727053-2953552604-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PopRock"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |


################## | ! Fin du rapport # UsbFix V6.041 ! |
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
12 Oct. 2009 at 22:12
Nobody?
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
13 Oct. 2009 at 12:49
Yes, same thing but with option 2 now, and post the report.
Note: the PC will restart and the desktop will disappear; this is normal, let the tool work.
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
13 Oct. 2009 at 18:29
Here is the result, thanks for your help
############################## | UsbFix V6.041 |

User : Steve (Administrateurs) # ORDI_BAS
Update on 12/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:16:48 | 13/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz
Microsoft® Windows Vista™ Professionnel (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18813
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 146,95 Go (71,03 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 2 Go (1,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM # 140,42 Mo (0 Mo free) [Berlin Sept 2009] # CDFS
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque CD-ROM
K:\ -> Disque fixe local # 125,46 Go (28,32 Go free) [Ancien C] # NTFS
L:\ -> Disque fixe local # 97,65 Go (48,15 Go free) [Ancien D] # NTFS
M:\ -> Disque fixe local # 9,76 Go (5,4 Go free) [RECOVER] # FAT32

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\wiaacmgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! C:\Users\Steve\AppData\Local\Temp\a.exe
Supprimé ! C:\Users\Steve\AppData\Local\Temp\c.exe

################## | Registre # Clés Run infectieuses |

Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |


################## | Listing des fichiers présent |


################## | Vaccination |

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.
# K:\autorun.inf -> Folder created by UsbFix.
# L:\autorun.inf -> Folder created by UsbFix.
# M:\autorun.inf -> Folder created by UsbFix.

################## | ! Fin du rapport # UsbFix V6.041 ! |
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
13 Oct. 2009 at 18:49
Download Malwarebytes' Anti-Malware (MBAM) to your desktop:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
--> Double-click the downloaded file to start the installation.
--> In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks whether MBAM may connect to the Internet, accept.
--> Once the update has finished, go to the "Recherche" (Scan) tab.
--> Select "Exécuter un examen complet" (Perform full scan).
--> Click "Rechercher" (Scan). The scan starts.
Post the report that opens.
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
13 Oct. 2009 at 22:04
Here is the result


Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2954
Windows 6.0.6002 Service Pack 2

13/10/2009 22:03:05
mbam-log-2009-10-13 (22-03-05).txt

Type de recherche: Examen complet (C:\|D:\|K:\|L:\|M:\|)
Eléments examinés: 644627
Temps écoulé: 3 hour(s), 9 minute(s), 50 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\poprock (Trojan.Downloader) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\Windows\System32\ca41b812-169b-a3ab-e876-d692112b405c.exe.vir (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Windows\vsdbm32136.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
14 Oct. 2009 at 16:36
Empty the quarantine and make me a new RSIT report.
Otherwise, still any slowdowns?
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
14 Oct. 2009 at 19:13
Thanks for your reply, but which quarantine should I empty?
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
14 Oct. 2009 at 19:16
Open Malwarebytes, go to the quarantine tab and delete everything.

Make me a new RSIT report afterwards.
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
14 Oct. 2009 at 19:18
OK, thanks

Here is the report

Logfile of random's system information tool 1.06 (written by random/random)
Run by Steve at 2009-10-14 19:17:58
Microsoft® Windows Vista™ Professionnel Service Pack 2
System drive C: has 71 GB (47%) free of 150 GB
Total RAM: 2045 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:06, on 14/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\wiaacmgr.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Steve\AppData\Local\Spoon\3.14.0.5\Spoon-Sandbox.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Steve\Desktop\RSIT.exe
C:\Windows\system32\msfeedssync.exe
C:\Program Files\trend micro\Steve.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpriteService] "C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SEO Soft] C:\Users\Steve\Desktop\Danwood\stat.exe 0 20
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Spoon Sandbox Manager 3.14.lnk = Steve\AppData\Local\Spoon\3.14.0.5\Spoon-Sandbox.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) - https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks - C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
14 Oct. 2009 at 19:49
Still any slowdowns?
0
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
14 Oct. 2009 at 19:59
Yes, a little

But the computer sometimes shuts down and restarts
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
14 Oct. 2009 at 20:12
Download HijackThis, install it, launch it and choose "do a scan only", then check these lines:

C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)

Click "fix checked" at the bottom and answer yes.
0
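Added example, not part of the thread: a small Python triage helper that parses CLSID-bearing HijackThis entries (BHO, toolbar, extra button lines) and groups the orphaned ones, meaning those marked `(no file)` or `(file missing)`, by CLSID. The sample lines are copied from the HijackThis log posted above; the function and class names are hypothetical, and lines without a CLSID (such as O4 Run entries) are deliberately skipped.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
"""

CLSID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
# Shape handled here: "<section> - <kind>: <name> - {CLSID} - <target>"
ENTRY_RE = re.compile(
    r"^(?P<section>O\d{1,2}) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>" + CLSID + r") - (?P<target>.+)$"
)
NO_FILE = "(no file)"
FILE_MISSING = "(file missing)"


@dataclass(frozen=True)
class Entry:
    section: str          # e.g. "O2"
    kind: str             # e.g. "BHO", "Extra button"
    name: str             # display name, "(no name)" when empty
    clsid: str            # normalised to upper case
    path: Optional[str]   # None when the log gives no path at all
    orphaned: bool        # True when the registered file is absent


def parse_entry(line: str) -> Optional[Entry]:
    """Parse one log line; return None for lines without a CLSID."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    target = m["target"].strip()
    if target == NO_FILE:
        path, orphaned = None, True
    elif target.endswith(FILE_MISSING):
        path, orphaned = target[: -len(FILE_MISSING)].rstrip(), True
    else:
        path, orphaned = target, False
    return Entry(m["section"], m["kind"], m["name"],
                 m["clsid"].upper(), path, orphaned)


def parse_log(text: str) -> List[Entry]:
    """Return every CLSID-bearing entry found in the log text."""
    return [e for e in map(parse_entry, text.splitlines()) if e]


def orphaned_by_clsid(text: str) -> Dict[str, List[Entry]]:
    """Group orphaned entries by CLSID; one CLSID can span several lines."""
    groups: Dict[str, List[Entry]] = defaultdict(list)
    for entry in parse_log(text):
        if entry.orphaned:
            groups[entry.clsid].append(entry)
    return dict(groups)


if __name__ == "__main__":
    for clsid, entries in orphaned_by_clsid(SAMPLE_LOG).items():
        sections = ", ".join(f"{e.section} {e.kind}" for e in entries)
        print(f"{clsid}: {len(entries)} line(s) [{sections}] "
              f"path={entries[0].path}")
```

Grouping by CLSID shows when one leftover registration appears on more than one log line, as with the O9 button and its matching 'Tools' menu item.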
audi68 Posts 571 Registration date Monday 7 January 2008 Status Member Last activity 5 August 2015 9
14 Oct. 2009 at 20:22
I don't have these 2 lines

C:\PROGRA~1\COMMON~1\Nokia\MPLATF~1\NOKIAM~1.EXE
C:\Windows\bdoscandel.exe (file missing)
0
nico987 Posts 729 Registration date Thursday 14 May 2009 Status Member Last activity 13 May 2024 93
14 Oct. 2009 at 20:26
OK, did you do it for the others?
0