Machine qui plante...
Fermé
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
-
5 nov. 2009 à 00:02
sherred Messages postés 8346 Date d'inscription samedi 26 janvier 2008 Statut Membre Dernière intervention 25 mars 2024 - 16 nov. 2009 à 06:44
sherred Messages postés 8346 Date d'inscription samedi 26 janvier 2008 Statut Membre Dernière intervention 25 mars 2024 - 16 nov. 2009 à 06:44
A voir également:
- Machine qui plante...
- Time machine - Guide
- Machine virtuelle windows - Guide
- Machine virtuelle gratuite - Télécharger - Émulation & Virtualisation
- Press any key to reboot the machine - Forum Windows
- Explorateur windows plante - Guide
21 réponses
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
5 nov. 2009 à 02:07
5 nov. 2009 à 02:07
PERSONNE POUR UN AVIS???
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
5 nov. 2009 à 09:34
5 nov. 2009 à 09:34
j'espère bien que quelqu'un pourra m'aider, merci encore
sherred
Messages postés
8346
Date d'inscription
samedi 26 janvier 2008
Statut
Membre
Dernière intervention
25 mars 2024
350
5 nov. 2009 à 10:21
5 nov. 2009 à 10:21
salut
BitTorrent
Ask.com
uTorrent
Ares
tu cumul ce qu'il faut pour te faire veroler
************************************************************************
AD-Remover
Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe
/!\ Déconnectes toi et fermes toutes applications en cours
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-remover située sur ton bureau
● Au menu principal choisi l'option "SCAN"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
*************************************************************************
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
*****************************************************************************
télécharge hijackthis http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
>> enregistre la cible sous .... "le bureau" renomme HJTInstall.exe en par exemple HJT.exe
>> Fais un double-clic sur "HJT.exe" afin de lancer l'installation
>> Clique sur Install ensuite sur "I Accept"
>> Clique sur" Do a scan system and save log file"
>> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
BitTorrent
Ask.com
uTorrent
Ares
tu cumul ce qu'il faut pour te faire veroler
************************************************************************
AD-Remover
Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe
/!\ Déconnectes toi et fermes toutes applications en cours
● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-remover située sur ton bureau
● Au menu principal choisi l'option "SCAN"
● Postes le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
*************************************************************************
Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
*****************************************************************************
télécharge hijackthis http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
>> enregistre la cible sous .... "le bureau" renomme HJTInstall.exe en par exemple HJT.exe
>> Fais un double-clic sur "HJT.exe" afin de lancer l'installation
>> Clique sur Install ensuite sur "I Accept"
>> Clique sur" Do a scan system and save log file"
>> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
5 nov. 2009 à 21:17
5 nov. 2009 à 21:17
VOICI LES TROIS RAPPORTS, message après message
======= RAPPORT D'AD-REMOVER 1.1.4.5_Z | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.10.2009 à 11:48
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:28:33, 05/11/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: KAMI | Utilisateur actuel: NINA
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKU\S-1-5-21-1060284298-796845957-725345543-1003\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{66886C4D-B307-4ECA-A228-52CA9B9851A4}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
.
C:\DOCUME~1\NINA\APPLIC~1\DesktopIcon
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\askcom.xml
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\mywebsearch.xml
C:\Program Files\FunWebProducts
C:\DOCUME~1\NINA\LOCALS~1\Temp\AskSearch
C:\DOCUME~1\NINA\MENUDM~1\Ebay.lnk
C:\DOCUME~1\NINA\Bureau\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.4 [fr] *
.
Nom du profil: t3i2mr5p.default (NINA)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Ask.com");
(Prefs.js) user_pref("browser.search.selectedEngine", "Ask.com");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.4");
.
(prefs.js) TROUVÉ: user_pref("browser.search.defaultengine", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.defaultenginename", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.order.1", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.selectedEngine", "Ask.com");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://www.google.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 2ab909813531ca01
Start Page Redirect Cache AcceptLangs: fr
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\NINA\Application Data\uTorrent\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar.torrent
C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
.
===================================
.
1603 Octet(s) - C:\Ad-Report-SCAN[1].log
5057 Octet(s) - C:\Ad-Report-SCAN[2].log
.
726 Fichier(s) - C:\DOCUME~1\NINA\LOCALS~1\Temp
50 Fichier(s) - C:\WINDOWS\Temp
.
2 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 19:38:50 | 05/11/2009 - SCAN[2]
.
============== E.O.F ==============
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Z | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.10.2009 à 11:48
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:28:33, 05/11/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: KAMI | Utilisateur actuel: NINA
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKU\S-1-5-21-1060284298-796845957-725345543-1003\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{66886C4D-B307-4ECA-A228-52CA9B9851A4}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
.
C:\DOCUME~1\NINA\APPLIC~1\DesktopIcon
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\askcom.xml
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\mywebsearch.xml
C:\Program Files\FunWebProducts
C:\DOCUME~1\NINA\LOCALS~1\Temp\AskSearch
C:\DOCUME~1\NINA\MENUDM~1\Ebay.lnk
C:\DOCUME~1\NINA\Bureau\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.4 [fr] *
.
Nom du profil: t3i2mr5p.default (NINA)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Ask.com");
(Prefs.js) user_pref("browser.search.selectedEngine", "Ask.com");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.4");
.
(prefs.js) TROUVÉ: user_pref("browser.search.defaultengine", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.defaultenginename", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.order.1", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.selectedEngine", "Ask.com");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://www.google.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 2ab909813531ca01
Start Page Redirect Cache AcceptLangs: fr
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\NINA\Application Data\uTorrent\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar.torrent
C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
.
===================================
.
1603 Octet(s) - C:\Ad-Report-SCAN[1].log
5057 Octet(s) - C:\Ad-Report-SCAN[2].log
.
726 Fichier(s) - C:\DOCUME~1\NINA\LOCALS~1\Temp
50 Fichier(s) - C:\WINDOWS\Temp
.
2 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 19:38:50 | 05/11/2009 - SCAN[2]
.
============== E.O.F ==============
.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
5 nov. 2009 à 21:21
5 nov. 2009 à 21:21
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Ver 1.00PARTTBL
USER : NINA ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
C:\ (Local Disk) - NTFS - Total:20 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:5 Go)
E:\ (Local Disk) - FAT32 - Total:34 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:59 Go (Free:7 Go)
I:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
J:\ (Local Disk) - NTFS - Total:50 Go (Free:15 Go)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 05/11/2009|20:13 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\Installr
C:\Program Files\FunWebProducts\Installr\7.bin
C:\Program Files\FunWebProducts\Installr\setups
C:\DOCUME~1\NINA\LOCALS~1\Temp\nsr9C.tmp
-----------\\ Extensions
(NINA) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj
(NINA) - {ada4b710-8346-4b82-8199-5de2b400a6ae} => reminderfox
(NINA) - {AE93811A-5C9A-4d34-8462-F7B864FC4696} => stumbleupon
(NINA) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(NINA) - {d57c9ff1-6389-48fc-b770-f78bd89b6e8a} => searchstatus
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\NINA\Mes documents\Downloads\Colbie Caillat-Breakthrough-2009\12-colbie_caillat-breakin_at_the_cracks.mp3
C:\DOCUME~1\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
1 - "C:\ToolBar SD\TB_1.txt" - 05/11/2009|20:13 - Option : [1]
-----------\\ Fin du rapport a 20:13:50,48
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Ver 1.00PARTTBL
USER : NINA ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
C:\ (Local Disk) - NTFS - Total:20 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:5 Go)
E:\ (Local Disk) - FAT32 - Total:34 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:59 Go (Free:7 Go)
I:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
J:\ (Local Disk) - NTFS - Total:50 Go (Free:15 Go)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 05/11/2009|20:13 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\Installr
C:\Program Files\FunWebProducts\Installr\7.bin
C:\Program Files\FunWebProducts\Installr\setups
C:\DOCUME~1\NINA\LOCALS~1\Temp\nsr9C.tmp
-----------\\ Extensions
(NINA) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj
(NINA) - {ada4b710-8346-4b82-8199-5de2b400a6ae} => reminderfox
(NINA) - {AE93811A-5C9A-4d34-8462-F7B864FC4696} => stumbleupon
(NINA) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(NINA) - {d57c9ff1-6389-48fc-b770-f78bd89b6e8a} => searchstatus
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\NINA\Mes documents\Downloads\Colbie Caillat-Breakthrough-2009\12-colbie_caillat-breakin_at_the_cracks.mp3
C:\DOCUME~1\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
1 - "C:\ToolBar SD\TB_1.txt" - 05/11/2009|20:13 - Option : [1]
-----------\\ Fin du rapport a 20:13:50,48
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
5 nov. 2009 à 21:24
5 nov. 2009 à 21:24
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:26, on 05/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\VM_STI.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDICO38.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\Rac38.EXE
C:\Program Files\Aide mémoire\Aide mémoire.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Notepad++\notepad++.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MediaDICO38] C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe Lancement
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Scan saved at 20:14:26, on 05/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\VM_STI.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDICO38.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\Rac38.EXE
C:\Program Files\Aide mémoire\Aide mémoire.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Notepad++\notepad++.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MediaDICO38] C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe Lancement
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
5 nov. 2009 à 23:33
5 nov. 2009 à 23:33
quelqu'un pourrait il me donner la suite svp?
sherred
Messages postés
8346
Date d'inscription
samedi 26 janvier 2008
Statut
Membre
Dernière intervention
25 mars 2024
350
6 nov. 2009 à 08:58
6 nov. 2009 à 08:58
Fais l'option 2 de ToolBar S&D.
puis
Déconnectes toi et fermes toutes applications en cours !
* Relances "Ad-remover" : au menu principal choisi l'option "nettoyage" .
--> le programme va travailler ...
* Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
puis
Déconnectes toi et fermes toutes applications en cours !
* Relances "Ad-remover" : au menu principal choisi l'option "nettoyage" .
--> le programme va travailler ...
* Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
6 nov. 2009 à 14:46
6 nov. 2009 à 14:46
merci, voici les rapports
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Ver 1.00PARTTBL
USER : NINA ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
C:\ (Local Disk) - NTFS - Total:20 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:5 Go)
E:\ (Local Disk) - FAT32 - Total:34 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:59 Go (Free:7 Go)
I:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
J:\ (Local Disk) - NTFS - Total:50 Go (Free:15 Go)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 06/11/2009|14:16 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\FunWebProducts\Installr
Supprime! - C:\DOCUME~1\NINA\LOCALS~1\Temp\nsr9C.tmp
Supprime! - C:\Program Files\FunWebProducts
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(NINA) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj
(NINA) - {ada4b710-8346-4b82-8199-5de2b400a6ae} => reminderfox
(NINA) - {AE93811A-5C9A-4d34-8462-F7B864FC4696} => stumbleupon
(NINA) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(NINA) - {d57c9ff1-6389-48fc-b770-f78bd89b6e8a} => searchstatus
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\NINA\Mes documents\Downloads\Colbie Caillat-Breakthrough-2009\12-colbie_caillat-breakin_at_the_cracks.mp3
C:\DOCUME~1\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
1 - "C:\ToolBar SD\TB_1.txt" - 05/11/2009|20:13 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/11/2009|14:18 - Option : [2]
-----------\\ Fin du rapport a 14:18:56,82
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Ver 1.00PARTTBL
USER : NINA ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
C:\ (Local Disk) - NTFS - Total:20 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:5 Go)
E:\ (Local Disk) - FAT32 - Total:34 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:59 Go (Free:7 Go)
I:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
J:\ (Local Disk) - NTFS - Total:50 Go (Free:15 Go)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 06/11/2009|14:16 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\FunWebProducts\Installr
Supprime! - C:\DOCUME~1\NINA\LOCALS~1\Temp\nsr9C.tmp
Supprime! - C:\Program Files\FunWebProducts
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(NINA) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj
(NINA) - {ada4b710-8346-4b82-8199-5de2b400a6ae} => reminderfox
(NINA) - {AE93811A-5C9A-4d34-8462-F7B864FC4696} => stumbleupon
(NINA) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(NINA) - {d57c9ff1-6389-48fc-b770-f78bd89b6e8a} => searchstatus
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\NINA\Mes documents\Downloads\Colbie Caillat-Breakthrough-2009\12-colbie_caillat-breakin_at_the_cracks.mp3
C:\DOCUME~1\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
1 - "C:\ToolBar SD\TB_1.txt" - 05/11/2009|20:13 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/11/2009|14:18 - Option : [2]
-----------\\ Fin du rapport a 14:18:56,82
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
6 nov. 2009 à 14:47
6 nov. 2009 à 14:47
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Z | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.10.2009 à 11:48
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:19:13, 06/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: KAMI | Utilisateur actuel: NINA
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{66886C4D-B307-4ECA-A228-52CA9B9851A4}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
.
C:\DOCUME~1\NINA\APPLIC~1\DesktopIcon
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\askcom.xml
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\mywebsearch.xml
C:\DOCUME~1\NINA\LOCALS~1\Temp\AskSearch
C:\DOCUME~1\NINA\MENUDM~1\Ebay.lnk
C:\DOCUME~1\NINA\Bureau\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.4 [fr] *
.
Nom du profil: t3i2mr5p.default (NINA)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Ask.com");
(Prefs.js) user_pref("browser.search.selectedEngine", "Ask.com");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.4");
.
(prefs.js) EFFACÉ: user_pref("browser.search.defaultengine", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.defaultenginename", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.order.1", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.selectedEngine", "Ask.com");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 2ab909813531ca01
Start Page Redirect Cache AcceptLangs: fr
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\NINA\Application Data\uTorrent\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar.torrent
C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
.
===================================
.
4222 Octet(s) - C:\Ad-Report-CLEAN[1].log
1603 Octet(s) - C:\Ad-Report-SCAN[1].log
5383 Octet(s) - C:\Ad-Report-SCAN[2].log
.
38 Fichier(s) - C:\DOCUME~1\NINA\LOCALS~1\Temp
0 Fichier(s) - C:\WINDOWS\Temp
.
21 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
8 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 14:28:53 | 06/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Z | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.10.2009 à 11:48
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:19:13, 06/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: KAMI | Utilisateur actuel: NINA
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{66886C4D-B307-4ECA-A228-52CA9B9851A4}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
.
C:\DOCUME~1\NINA\APPLIC~1\DesktopIcon
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\askcom.xml
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\mywebsearch.xml
C:\DOCUME~1\NINA\LOCALS~1\Temp\AskSearch
C:\DOCUME~1\NINA\MENUDM~1\Ebay.lnk
C:\DOCUME~1\NINA\Bureau\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.4 [fr] *
.
Nom du profil: t3i2mr5p.default (NINA)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Ask.com");
(Prefs.js) user_pref("browser.search.selectedEngine", "Ask.com");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.4");
.
(prefs.js) EFFACÉ: user_pref("browser.search.defaultengine", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.defaultenginename", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.order.1", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.selectedEngine", "Ask.com");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 2ab909813531ca01
Start Page Redirect Cache AcceptLangs: fr
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\NINA\Application Data\uTorrent\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar.torrent
C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
.
===================================
.
4222 Octet(s) - C:\Ad-Report-CLEAN[1].log
1603 Octet(s) - C:\Ad-Report-SCAN[1].log
5383 Octet(s) - C:\Ad-Report-SCAN[2].log
.
38 Fichier(s) - C:\DOCUME~1\NINA\LOCALS~1\Temp
0 Fichier(s) - C:\WINDOWS\Temp
.
21 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
8 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 14:28:53 | 06/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
sherred
Messages postés
8346
Date d'inscription
samedi 26 janvier 2008
Statut
Membre
Dernière intervention
25 mars 2024
350
6 nov. 2009 à 14:48
6 nov. 2009 à 14:48
Ad-remover ?
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
6 nov. 2009 à 14:48
6 nov. 2009 à 14:48
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:44, on 06/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDICO38.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Aide mémoire\Aide mémoire.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\Rac38.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Documents and Settings\NINA\Bureau\u96.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\Notepad++\notepad++.exe
C:\WINDOWS\explorer.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MediaDICO38] C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe Lancement
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
Scan saved at 14:29:44, on 06/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDICO38.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Aide mémoire\Aide mémoire.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\Rac38.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Documents and Settings\NINA\Bureau\u96.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\Notepad++\notepad++.exe
C:\WINDOWS\explorer.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MediaDICO38] C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe Lancement
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
sherred
Messages postés
8346
Date d'inscription
samedi 26 janvier 2008
Statut
Membre
Dernière intervention
25 mars 2024
350
6 nov. 2009 à 16:06
6 nov. 2009 à 16:06
télécharge Malwarebyte's ici http://www.malwarebytes.org/mbam/program/mbam-setup.exe
le programme va se mettre automatiquement a jour.
S'il manque le fichier COMCTL32.OCX, vous pourrez le télécharger ici
https://www.malekal.com/tutorial-aboutbuster/
Une fois a jour, le programme va se lancer; click sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des éléments on été trouvés > click sur supprimer la sélection.
si il t´es demandé de redémarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de manière a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
++++++++++++++++++++
puis
+++++++++++++++
Télécharge Superantispyware (SAS)
https://www.superantispyware.com/superantispywarefreevspro.html
une fois l'installation et la mise a jour effectuée
clic sur « scanner votre ordinateur »
coche scan complète
et suivant
Le rapport :
"Preferences" "Statistics/journaux de bord".
double-clique sur le dernier SUPERAntiSpyware Scan Log.
le programme va se mettre automatiquement a jour.
S'il manque le fichier COMCTL32.OCX, vous pourrez le télécharger ici
https://www.malekal.com/tutorial-aboutbuster/
Une fois a jour, le programme va se lancer; click sur l´onglet paramètre, et coche la case : "Arrêter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des éléments on été trouvés > click sur supprimer la sélection.
si il t´es demandé de redémarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de manière a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
++++++++++++++++++++
puis
+++++++++++++++
Télécharge Superantispyware (SAS)
https://www.superantispyware.com/superantispywarefreevspro.html
une fois l'installation et la mise a jour effectuée
clic sur « scanner votre ordinateur »
coche scan complète
et suivant
Le rapport :
"Preferences" "Statistics/journaux de bord".
double-clique sur le dernier SUPERAntiSpyware Scan Log.
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
7 nov. 2009 à 03:11
7 nov. 2009 à 03:11
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3113
Windows 5.1.2600 Service Pack 2
07/11/2009 03:10:48
mbam-log-2009-11-07 (03-10-48).txt
Type de recherche: Examen rapide
Eléments examinés: 106439
Temps écoulé: 10 minute(s), 33 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 14
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\IMMonitor (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer (PUP.KeyLogger) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Config.ini (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Infomation.txt (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\License.txt (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\unins000.dat (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\unins000.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Visit Home Page.url (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\WinPcap.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\YahooMonitor.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\YahooMonitor.exe.BAK (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Uninstall.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Visit Our Web Site.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Yahoo Messenger Monitor Sniffer.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\NINA\Bureau\Yahoo Messenger Monitor Sniffer.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
Version de la base de données: 3113
Windows 5.1.2600 Service Pack 2
07/11/2009 03:10:48
mbam-log-2009-11-07 (03-10-48).txt
Type de recherche: Examen rapide
Eléments examinés: 106439
Temps écoulé: 10 minute(s), 33 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 14
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\IMMonitor (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer (PUP.KeyLogger) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Config.ini (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Infomation.txt (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\License.txt (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\unins000.dat (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\unins000.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Visit Home Page.url (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\WinPcap.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\YahooMonitor.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\YahooMonitor.exe.BAK (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Uninstall.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Visit Our Web Site.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Yahoo Messenger Monitor Sniffer.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\NINA\Bureau\Yahoo Messenger Monitor Sniffer.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
7 nov. 2009 à 03:43
7 nov. 2009 à 03:43
superantispyware prend beaucoup de temps pour finir, je le poste dès que c'est fini
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
7 nov. 2009 à 07:45
7 nov. 2009 à 07:45
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/
Generated 11/07/2009 at 03:57 AM
Application Version : 4.29.1004
Core Rules Database Version : 4242
Trace Rules Database Version: 2138
Scan type : Complete Scan
Total Scan Time : 00:38:02
Memory items scanned : 503
Memory threats detected : 0
Registry items scanned : 5983
Registry threats detected : 0
File items scanned : 21824
File threats detected : 123
Adware.Tracking Cookie
C:\Documents and Settings\NINA\Cookies\nina@ads.pointroll[4].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[5].txt
C:\Documents and Settings\NINA\Cookies\nina@kaspersky.122.2o7[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[9].txt
C:\Documents and Settings\NINA\Cookies\nina@bluestreak[1].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[4].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[4].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[9].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[1].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[4].txt
C:\Documents and Settings\NINA\Cookies\nina@apmebf[3].txt
C:\Documents and Settings\NINA\Cookies\nina@pointroll[3].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[5].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.bridgetrack[3].txt
C:\Documents and Settings\NINA\Cookies\nina@fastclick[3].txt
C:\Documents and Settings\NINA\Cookies\nina@doubleclick[4].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.zanox[1].txt
C:\Documents and Settings\NINA\Cookies\nina@a1.interclick[3].txt
C:\Documents and Settings\NINA\Cookies\nina@a1.interclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@cdn4.specificclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@t.bbtrack[1].txt
C:\Documents and Settings\NINA\Cookies\nina@specificclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@casalemedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@track.effiliation[1].txt
C:\Documents and Settings\NINA\Cookies\nina@insightexpressai[2].txt
C:\Documents and Settings\NINA\Cookies\nina@specificclick[3].txt
C:\Documents and Settings\NINA\Cookies\nina@samsung.solution.weborama[2].txt
C:\Documents and Settings\NINA\Cookies\nina@adv.surinter[2].txt
C:\Documents and Settings\NINA\Cookies\nina@pointroll[1].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.bridgetrack[2].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[7].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[5].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[6].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[3].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[4].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[1].txt
C:\Documents and Settings\NINA\Cookies\nina@aimfar.solution.weborama[2].txt
C:\Documents and Settings\NINA\Cookies\nina@lucidmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[2].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[3].txt
C:\Documents and Settings\NINA\Cookies\nina@advertstream[2].txt
C:\Documents and Settings\NINA\Cookies\nina@tracking.publicidees[1].txt
C:\Documents and Settings\NINA\Cookies\nina@tribalfusion[3].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[1].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[2].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.pointroll[3].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.pointroll[2].txt
C:\Documents and Settings\NINA\Cookies\nina@apmebf[2].txt
C:\Documents and Settings\NINA\Cookies\nina@msnportal.112.2o7[1].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[2].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[3].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[3].txt
C:\Documents and Settings\NINA\Cookies\nina@tradedoubler[2].txt
C:\Documents and Settings\NINA\Cookies\nina@apmebf[1].txt
C:\Documents and Settings\NINA\Cookies\nina@greysoundtracks.free[1].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.doctissimo[1].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[3].txt
C:\Documents and Settings\NINA\Cookies\nina@advertising[1].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[4].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[8].txt
C:\Documents and Settings\NINA\Cookies\nina@adviva[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[1].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[5].txt
C:\Documents and Settings\NINA\Cookies\nina@interclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[6].txt
C:\Documents and Settings\NINA\Cookies\nina@tradedoubler[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bouyguestelecom.solution.weborama[2].txt
C:\Documents and Settings\NINA\Cookies\nina@collective-media[2].txt
C:\Documents and Settings\NINA\Cookies\nina@www.googleadservices[1].txt
C:\Documents and Settings\NINA\Cookies\nina@collective-media[1].txt
C:\Documents and Settings\NINA\Cookies\nina@advertising[3].txt
C:\Documents and Settings\NINA\Cookies\nina@click-fr[1].txt
C:\Documents and Settings\NINA\Cookies\nina@overture[1].txt
C:\Documents and Settings\NINA\Cookies\nina@media6degrees[1].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[4].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[3].txt
C:\Documents and Settings\NINA\Cookies\nina@statcounter[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bluestreak[2].txt
C:\Documents and Settings\NINA\Cookies\nina@statcounter[3].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.proxad[2].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[1].txt
C:\Documents and Settings\NINA\Cookies\nina@chitika[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[3].txt
C:\Documents and Settings\NINA\Cookies\nina@revsci[1].txt
C:\Documents and Settings\NINA\Cookies\nina@realmedia[3].txt
C:\Documents and Settings\NINA\Cookies\nina@fl01.ct2.comclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@247realmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@fastclick[1].txt
C:\Documents and Settings\NINA\Cookies\nina@adbrite[3].txt
C:\Documents and Settings\NINA\Cookies\nina@adbrite[2].txt
C:\Documents and Settings\NINA\Cookies\nina@weborama[1].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[2].txt
C:\Documents and Settings\NINA\Cookies\nina@247realmedia[2].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.networldmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@adserver.adtechus[1].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[2].txt
C:\Documents and Settings\NINA\Cookies\nina@doubleclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@doubleclick[1].txt
C:\Documents and Settings\NINA\Cookies\nina@fastclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@insightexpressai[1].txt
C:\Documents and Settings\NINA\Cookies\nina@interclick[1].txt
C:\Documents and Settings\NINA\Cookies\nina@kaspersky.122.2o7[1].txt
C:\Documents and Settings\NINA\Cookies\nina@media6degrees[2].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[2].txt
C:\Documents and Settings\NINA\Cookies\nina@oasn04.247realmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@networldmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@realmedia[2].txt
C:\Documents and Settings\NINA\Cookies\nina@questionmarket[2].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[1].txt
C:\Documents and Settings\NINA\Cookies\nina@specificmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@statcounter[2].txt
C:\Documents and Settings\NINA\Cookies\nina@trafficmp[2].txt
C:\Documents and Settings\NINA\Cookies\nina@tribalfusion[1].txt
C:\Documents and Settings\NINA\Cookies\nina@xiti[1].txt
C:\Documents and Settings\NINA\Cookies\nina@xiti[2].txt
C:\Documents and Settings\NINA\Cookies\nina@zedo[1].txt
C:\Documents and Settings\NINA\Cookies\nina@zedo[3].txt
Adware.MyWebSearch-Installer
C:\DOCUMENTS AND SETTINGS\NINA\MES DOCUMENTS\DOWNLOADS\PROGRAMS\MYWEBFACESETUP2.3.50.56.GRMAN000.EXE
Adware.Vundo/Variant-MSFake
C:\DOCUMENTS AND SETTINGS\NINA\APPLICATION DATA\MICROSOFT\LIVE SEARCH\SUPPRESSION-LIVE-SEARCH.EXE
H:\SOFTWARES\EMOTICONES3D.EXE
J:\DISKFORMATTE\MES DOCUMENTS\DOWNLOADS\PROGRAMS\EMOTICONES3D.EXE
https://www.superantispyware.com/
Generated 11/07/2009 at 03:57 AM
Application Version : 4.29.1004
Core Rules Database Version : 4242
Trace Rules Database Version: 2138
Scan type : Complete Scan
Total Scan Time : 00:38:02
Memory items scanned : 503
Memory threats detected : 0
Registry items scanned : 5983
Registry threats detected : 0
File items scanned : 21824
File threats detected : 123
Adware.Tracking Cookie
C:\Documents and Settings\NINA\Cookies\nina@ads.pointroll[4].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[5].txt
C:\Documents and Settings\NINA\Cookies\nina@kaspersky.122.2o7[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[9].txt
C:\Documents and Settings\NINA\Cookies\nina@bluestreak[1].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[4].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[4].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[9].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[1].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[4].txt
C:\Documents and Settings\NINA\Cookies\nina@apmebf[3].txt
C:\Documents and Settings\NINA\Cookies\nina@pointroll[3].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[5].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.bridgetrack[3].txt
C:\Documents and Settings\NINA\Cookies\nina@fastclick[3].txt
C:\Documents and Settings\NINA\Cookies\nina@doubleclick[4].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.zanox[1].txt
C:\Documents and Settings\NINA\Cookies\nina@a1.interclick[3].txt
C:\Documents and Settings\NINA\Cookies\nina@a1.interclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@cdn4.specificclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@t.bbtrack[1].txt
C:\Documents and Settings\NINA\Cookies\nina@specificclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@casalemedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@track.effiliation[1].txt
C:\Documents and Settings\NINA\Cookies\nina@insightexpressai[2].txt
C:\Documents and Settings\NINA\Cookies\nina@specificclick[3].txt
C:\Documents and Settings\NINA\Cookies\nina@samsung.solution.weborama[2].txt
C:\Documents and Settings\NINA\Cookies\nina@adv.surinter[2].txt
C:\Documents and Settings\NINA\Cookies\nina@pointroll[1].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.bridgetrack[2].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[7].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[5].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[6].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[3].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[4].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[1].txt
C:\Documents and Settings\NINA\Cookies\nina@aimfar.solution.weborama[2].txt
C:\Documents and Settings\NINA\Cookies\nina@lucidmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[2].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[3].txt
C:\Documents and Settings\NINA\Cookies\nina@advertstream[2].txt
C:\Documents and Settings\NINA\Cookies\nina@tracking.publicidees[1].txt
C:\Documents and Settings\NINA\Cookies\nina@tribalfusion[3].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[1].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[2].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.pointroll[3].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.pointroll[2].txt
C:\Documents and Settings\NINA\Cookies\nina@apmebf[2].txt
C:\Documents and Settings\NINA\Cookies\nina@msnportal.112.2o7[1].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[2].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[3].txt
C:\Documents and Settings\NINA\Cookies\nina@serving-sys[3].txt
C:\Documents and Settings\NINA\Cookies\nina@tradedoubler[2].txt
C:\Documents and Settings\NINA\Cookies\nina@apmebf[1].txt
C:\Documents and Settings\NINA\Cookies\nina@greysoundtracks.free[1].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.doctissimo[1].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[3].txt
C:\Documents and Settings\NINA\Cookies\nina@advertising[1].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[4].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[8].txt
C:\Documents and Settings\NINA\Cookies\nina@adviva[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[1].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[5].txt
C:\Documents and Settings\NINA\Cookies\nina@interclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[6].txt
C:\Documents and Settings\NINA\Cookies\nina@tradedoubler[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bouyguestelecom.solution.weborama[2].txt
C:\Documents and Settings\NINA\Cookies\nina@collective-media[2].txt
C:\Documents and Settings\NINA\Cookies\nina@www.googleadservices[1].txt
C:\Documents and Settings\NINA\Cookies\nina@collective-media[1].txt
C:\Documents and Settings\NINA\Cookies\nina@advertising[3].txt
C:\Documents and Settings\NINA\Cookies\nina@click-fr[1].txt
C:\Documents and Settings\NINA\Cookies\nina@overture[1].txt
C:\Documents and Settings\NINA\Cookies\nina@media6degrees[1].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[4].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[3].txt
C:\Documents and Settings\NINA\Cookies\nina@statcounter[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bluestreak[2].txt
C:\Documents and Settings\NINA\Cookies\nina@statcounter[3].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.proxad[2].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[1].txt
C:\Documents and Settings\NINA\Cookies\nina@chitika[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[3].txt
C:\Documents and Settings\NINA\Cookies\nina@revsci[1].txt
C:\Documents and Settings\NINA\Cookies\nina@realmedia[3].txt
C:\Documents and Settings\NINA\Cookies\nina@fl01.ct2.comclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@247realmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@fastclick[1].txt
C:\Documents and Settings\NINA\Cookies\nina@adbrite[3].txt
C:\Documents and Settings\NINA\Cookies\nina@adbrite[2].txt
C:\Documents and Settings\NINA\Cookies\nina@weborama[1].txt
C:\Documents and Settings\NINA\Cookies\nina@ad.yieldmanager[2].txt
C:\Documents and Settings\NINA\Cookies\nina@247realmedia[2].txt
C:\Documents and Settings\NINA\Cookies\nina@ads.networldmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@adserver.adtechus[1].txt
C:\Documents and Settings\NINA\Cookies\nina@atdmt[1].txt
C:\Documents and Settings\NINA\Cookies\nina@bs.serving-sys[2].txt
C:\Documents and Settings\NINA\Cookies\nina@content.yieldmanager[2].txt
C:\Documents and Settings\NINA\Cookies\nina@doubleclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@doubleclick[1].txt
C:\Documents and Settings\NINA\Cookies\nina@fastclick[2].txt
C:\Documents and Settings\NINA\Cookies\nina@insightexpressai[1].txt
C:\Documents and Settings\NINA\Cookies\nina@interclick[1].txt
C:\Documents and Settings\NINA\Cookies\nina@kaspersky.122.2o7[1].txt
C:\Documents and Settings\NINA\Cookies\nina@media6degrees[2].txt
C:\Documents and Settings\NINA\Cookies\nina@mediaplex[2].txt
C:\Documents and Settings\NINA\Cookies\nina@oasn04.247realmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@networldmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@realmedia[2].txt
C:\Documents and Settings\NINA\Cookies\nina@questionmarket[2].txt
C:\Documents and Settings\NINA\Cookies\nina@smartadserver[1].txt
C:\Documents and Settings\NINA\Cookies\nina@specificmedia[1].txt
C:\Documents and Settings\NINA\Cookies\nina@statcounter[2].txt
C:\Documents and Settings\NINA\Cookies\nina@trafficmp[2].txt
C:\Documents and Settings\NINA\Cookies\nina@tribalfusion[1].txt
C:\Documents and Settings\NINA\Cookies\nina@xiti[1].txt
C:\Documents and Settings\NINA\Cookies\nina@xiti[2].txt
C:\Documents and Settings\NINA\Cookies\nina@zedo[1].txt
C:\Documents and Settings\NINA\Cookies\nina@zedo[3].txt
Adware.MyWebSearch-Installer
C:\DOCUMENTS AND SETTINGS\NINA\MES DOCUMENTS\DOWNLOADS\PROGRAMS\MYWEBFACESETUP2.3.50.56.GRMAN000.EXE
Adware.Vundo/Variant-MSFake
C:\DOCUMENTS AND SETTINGS\NINA\APPLICATION DATA\MICROSOFT\LIVE SEARCH\SUPPRESSION-LIVE-SEARCH.EXE
H:\SOFTWARES\EMOTICONES3D.EXE
J:\DISKFORMATTE\MES DOCUMENTS\DOWNLOADS\PROGRAMS\EMOTICONES3D.EXE
sherred
Messages postés
8346
Date d'inscription
samedi 26 janvier 2008
Statut
Membre
Dernière intervention
25 mars 2024
350
7 nov. 2009 à 07:48
7 nov. 2009 à 07:48
comment ce comporte ton pc ?
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
7 nov. 2009 à 09:42
7 nov. 2009 à 09:42
ça va nettement mieux! suis je guéris?lol
sherred
Messages postés
8346
Date d'inscription
samedi 26 janvier 2008
Statut
Membre
Dernière intervention
25 mars 2024
350
8 nov. 2009 à 07:57
8 nov. 2009 à 07:57
télécharge GenProc http://www.genproc.com/GenProc.exe
double-clique sur GenProc.exe et poste le contenu du rapport
double-clique sur GenProc.exe et poste le contenu du rapport
zanu
Messages postés
1175
Date d'inscription
samedi 16 août 2008
Statut
Membre
Dernière intervention
14 janvier 2020
38
15 nov. 2009 à 20:24
15 nov. 2009 à 20:24
j'ai fais ce test genproc, mais je sais pas ou est situé le rapport crée, si tu peux m'indiquer stp; merci