Machine keeps crashing...

Closed
zanu (posts: 1175, registered Saturday 16 August 2008, status: Member, last activity 14 January 2020) - 5 Nov 2009 at 00:02
sherred (posts: 8346, registered Saturday 26 January 2008, status: Member, last activity 25 March 2024) - 16 Nov 2009 at 06:44
Hello,
For a few days now I have been surfing with the Kaspersky antivirus (up to date) disabled,
and today I am seeing strange behaviour on the machine.
I am posting my RSIT log so that you can see what is going on.
Thanks

Logfile of random's system information tool 1.06 (written by random/random)
Run by NINA at 2009-11-04 23:55:14
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 1 GB (7%) free of 21 GB
Total RAM: 1014 MB (28% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{3026F836-7483-4F3D-8978-ABDC7300A697}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-10-28 153008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-08-11 1443112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-07 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{66886C4D-B307-4ECA-A228-52CA9B9851A4}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-16 761945]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-13 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-13 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-13 138008]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-09-16 185872]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe [2006-11-08 155751]
""= []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-07 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2008-04-17 932864]
"ares"=C:\Program Files\Ares\Ares.exe [2009-02-03 1004544]
"MediaDICO38"=C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe [2006-05-08 252416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Hyperappel du Petit Larousse 2009.lnk - C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe

C:\Documents and Settings\NINA\Menu Démarrer\Programmes\Démarrage
Aide mémoire.lnk - C:\Program Files\Aide mémoire\TrayIcon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2006-11-01 94314]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=128
"NoDriveTypeAutoRun"=128
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\AnalogX\Proxy\proxy.exe"="C:\Program Files\AnalogX\Proxy\proxy.exe:*:Enabled:AnalogX Proxy"
"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\Program Files\Anonymity Gateway\Anonymity Gateway.exe"="C:\Program Files\Anonymity Gateway\Anonymity Gateway.exe:*:Enabled:Anonymity Gateway"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jdk1.6.0_18\bin\java.exe"="C:\Program Files\Java\jdk1.6.0_18\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Documents and Settings\NINA\Bureau\u96.exe"="C:\Documents and Settings\NINA\Bureau\u96.exe:*:Enabled:u96"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6cd8b969-c152-11de-b1f0-001d72065fd5}]
shell\AutoRun\command - K:\p.exe
shell\open\command - K:\p.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90aed808-bcfd-11de-b1e9-001d72065fd5}]
shell\AutoRun\command - K:\ls0f92.bat
shell\open\command - K:\ls0f92.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aecebae6-9561-11de-8977-001e4c0a95b0}]
shell\AutoRun\command - RECYCLER\k-1-3542-4232123213-7676767-8888886\MsGv.exe
shell\open\command - RECYCLER\k-1-3542-4232123213-7676767-8888886\MsGv.exe


======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 months======

2009-11-04 23:55:14 ----D---- C:\rsit
2009-11-04 23:55:14 ----D---- C:\Program Files\trend micro
2009-11-03 18:05:33 ----A---- C:\WINDOWS\RACHook38.dll
2009-11-03 18:05:33 ----A---- C:\WINDOWS\MediaR38.ini
2009-11-03 18:05:33 ----A---- C:\WINDOWS\MediaR38.dll
2009-11-03 18:05:33 ----A---- C:\WINDOWS\MediaDico38Dll.dll
2009-11-03 10:55:53 ----D---- C:\WINDOWS\system32\yag
2009-10-28 16:12:03 ----A---- C:\Index.txt
2009-10-26 00:22:12 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-24 22:44:41 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2009-10-24 22:44:24 ----A---- C:\WINDOWS\temp.bat
2009-10-24 22:44:15 ----A---- C:\WINDOWS\softokn3.dll
2009-10-24 22:44:15 ----A---- C:\WINDOWS\plds4.dll
2009-10-24 22:44:15 ----A---- C:\WINDOWS\plc4.dll
2009-10-24 22:44:15 ----A---- C:\WINDOWS\nss3.dll
2009-10-24 22:44:15 ----A---- C:\WINDOWS\nspr4.dll
2009-10-24 22:44:15 ----A---- C:\WINDOWS\FirePassword.exe
2009-10-24 22:44:06 ----D---- C:\Program Files\IMMonitor
2009-10-24 15:04:13 ----D---- C:\Documents and Settings\NINA\Application Data\BitTorrent
2009-10-24 15:04:06 ----D---- C:\Program Files\BitTorrent
2009-10-24 15:03:55 ----D---- C:\Program Files\Ask.com
2009-10-23 18:53:17 ----D---- C:\Program Files\uTorrent
2009-10-23 17:22:12 ----D---- C:\Program Files\Nmap
2009-10-23 16:43:50 ----D---- C:\Program Files\Ares
2009-10-23 15:45:45 ----A---- C:\TCleaner.txt
2009-10-23 12:48:40 ----RASHD---- C:\autorun.inf
2009-10-23 12:28:27 ----HD---- C:\WINDOWS\PIF
2009-10-23 00:13:13 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-10-19 11:00:57 ----D---- C:\Program Files\WinDirStat
2009-10-19 03:00:42 ----D---- C:\Program Files\Aide mémoire
2009-10-17 16:59:46 ----D---- C:\Documents and Settings\NINA\Application Data\MySQL
2009-10-17 16:54:59 ----D---- C:\mysql
2009-10-17 16:54:09 ----D---- C:\Program Files\MySQL
2009-10-13 18:45:35 ----D---- C:\Program Files\Micro Application
2009-10-13 18:45:18 ----A---- C:\WINDOWS\NAVIGMA.INI
2009-10-13 09:14:31 ----A---- C:\WINDOWS\ModemLog_Modem standard.txt
2009-10-13 09:00:03 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem.txt
2009-10-13 08:55:17 ----D---- C:\Program Files\Avanquest update
2009-10-13 08:53:55 ----D---- C:\Program Files\Motorola Phone Tools
2009-10-13 08:53:55 ----D---- C:\Documents and Settings\All Users\Application Data\BVRP Software
2009-10-12 17:12:41 ----D---- C:\Documents and Settings\NINA\Application Data\COWON
2009-10-12 17:10:28 ----D---- C:\Program Files\Fichiers communs\COWON
2009-10-12 17:10:25 ----D---- C:\Program Files\JetAudio
2009-10-09 02:52:30 ----D---- C:\Program Files\Cracks.amIEplugin Removal Tool
2009-10-09 01:17:11 ----D---- C:\Program Files\Larousse
2009-10-09 01:09:07 ----D---- C:\Program Files\MSXML 4.0
2009-10-08 08:12:18 ----D---- C:\Program Files\glassfish-v3-prelude
2009-10-08 08:09:25 ----D---- C:\Program Files\glassfish-v2ur2
2009-10-08 08:01:09 ----D---- C:\Program Files\NetBeans 6.5
2009-10-07 07:48:14 ----D---- C:\Program Files\Messenger Plus! Live
2009-10-07 01:40:13 ----D---- C:\Program Files\Sun
2009-10-07 01:05:16 ----D---- C:\Sun
2009-10-07 01:05:07 ----A---- C:\WINDOWS\system32\javaws.exe
2009-10-07 01:05:07 ----A---- C:\WINDOWS\system32\javaw.exe
2009-10-07 01:05:07 ----A---- C:\WINDOWS\system32\java.exe
2009-10-07 01:05:07 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-10-06 22:45:01 ----D---- C:\Documents and Settings\NINA\Application Data\gtk-2.0
2009-10-05 17:40:18 ----D---- C:\Program Files\Your Freedom
2009-10-05 06:26:01 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 months======

2009-11-04 23:55:22 ----D---- C:\WINDOWS\Prefetch
2009-11-04 23:55:14 ----RD---- C:\Program Files
2009-11-04 23:22:37 ----D---- C:\WINDOWS\Temp
2009-11-04 23:20:06 ----D---- C:\WINDOWS\system32
2009-11-04 23:20:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-04 23:19:37 ----A---- C:\WINDOWS\ModemLog_Nokia E65 USB Modem.txt
2009-11-04 23:18:56 ----D---- C:\Program Files\Mozilla Firefox
2009-11-04 23:15:55 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-04 23:15:42 ----D---- C:\Documents and Settings\NINA\Application Data\DMCache
2009-11-04 19:31:43 ----A---- C:\WINDOWS\win.ini
2009-11-04 19:31:43 ----A---- C:\WINDOWS\DHO.INI
2009-11-04 11:26:35 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt
2009-11-04 10:27:59 ----D---- C:\Documents and Settings\NINA\Application Data\Skype
2009-11-04 08:22:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-04 08:08:29 ----D---- C:\Documents and Settings\NINA\Application Data\skypePM
2009-11-04 01:23:51 ----A---- C:\WINDOWS\ModemLog_Modem standard 33600 bps.txt
2009-11-03 18:05:33 ----D---- C:\WINDOWS
2009-11-03 18:05:23 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-02 12:32:24 ----A---- C:\WINDOWS\NeroDigital.ini
2009-11-02 04:14:36 ----D---- C:\Documents and Settings\NINA\Application Data\uTorrent
2009-11-02 04:13:56 ----D---- C:\Documents and Settings\NINA\Application Data\dvdcss
2009-10-28 16:13:25 ----SHD---- C:\WINDOWS\Installer
2009-10-26 04:05:05 ----HD---- C:\WINDOWS\inf
2009-10-26 00:30:46 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-26 00:22:12 ----D---- C:\WINDOWS\Debug
2009-10-26 00:13:04 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-24 15:31:23 ----D---- C:\Documents and Settings\NINA\Application Data\Wireshark
2009-10-24 15:04:02 ----SD---- C:\WINDOWS\Tasks
2009-10-23 17:22:22 ----D---- C:\WINDOWS\WinSxS
2009-10-23 16:03:26 ----SHD---- C:\System Volume Information
2009-10-23 16:03:26 ----D---- C:\WINDOWS\system32\Restore
2009-10-23 15:44:39 ----D---- C:\UsbFix
2009-10-23 12:47:48 ----SHD---- C:\RECYCLER
2009-10-23 12:45:17 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-10-22 17:23:42 ----SD---- C:\Documents and Settings\NINA\Application Data\Microsoft
2009-10-18 18:28:28 ----RSD---- C:\WINDOWS\Fonts
2009-10-17 12:51:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-17 12:51:53 ----D---- C:\WINDOWS\system32\drivers
2009-10-17 00:32:08 ----D---- C:\Temp
2009-10-12 17:10:28 ----D---- C:\Program Files\Fichiers communs
2009-10-12 17:10:01 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-10-11 23:57:09 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-10-11 23:57:06 ----RSD---- C:\WINDOWS\assembly
2009-10-08 08:45:58 ----D---- C:\Documents and Settings\NINA\Application Data\Nokia
2009-10-07 01:38:40 ----D---- C:\Program Files\Java
2009-10-05 07:54:25 ----D---- C:\Program Files\AnalogX
2009-10-05 07:23:58 ----D---- C:\WINDOWS\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-03-09 1163616]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2007-06-14 17408]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-05 5761728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-30 4424192]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
R3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
R3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]
R3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-09-28 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-03 67584]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
R3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
S3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-16 191936]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-07-22 28592]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\NINA\LOCALS~1\Temp\mc21.tmp []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 4.1\my.ini MySQL []
R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe [2006-11-08 155751]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-08-30 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-08-30 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-21 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-08-30 741376]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-20 306432]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-08-30 122880]

-----------------EOF-----------------
21 replies

zanu - 5 Nov 2009 at 02:07
NOBODY HAS AN OPINION???

zanu - 5 Nov 2009 at 09:34
I really hope someone will be able to help me, thanks again

sherred - 5 Nov 2009 at 10:21
Hi,
BitTorrent
Ask.com
uTorrent
Ares


you have piled up everything it takes to get yourself infected
************************************************************************
AD-Remover
Download AD-Remover (by Cyrildu17 / C_XX) to your desktop:
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

/!\ Disconnect and close all running applications

● Double-click the installer and install it in its default location. ( C:\Program files )
● Double-click the Ad-remover icon on your desktop
● In the main menu, choose the "SCAN" option
● Post the report that appears at the end.

( the report is also saved as C:\Ad-report(date).log )

(CTRL+A to select everything, CTRL+C to copy and CTRL+V to paste)
*************************************************************************

Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3

* Start the installation of the program by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search has finished.
* Post the generated report. (C:\TB.txt)

*****************************************************************************

download hijackthis http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
>> save the target to .... "the desktop" and rename HJTInstall.exe to, for example, HJT.exe

>> Double-click "HJT.exe" to start the installation

>> Click Install, then "I Accept"

>> Click "Do a scan system and save log file"

>> Notepad will open; copy and paste all of its contents here in your next reply

http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm

zanu - 5 Nov 2009 at 21:17
HERE ARE THE THREE REPORTS, one message after another
======= RAPPORT D'AD-REMOVER 1.1.4.5_Z | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.10.2009 à 11:48
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:28:33, 05/11/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: KAMI | Utilisateur actuel: NINA
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKLM\Software\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKLM\Software\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKLM\Software\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
HKU\S-1-5-21-1060284298-796845957-725345543-1003\Software\Microsoft\Internet Explorer\Searchscopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\software\microsoft\internet explorer\searchscopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{66886C4D-B307-4ECA-A228-52CA9B9851A4}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
.
C:\DOCUME~1\NINA\APPLIC~1\DesktopIcon
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\askcom.xml
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\mywebsearch.xml
C:\Program Files\FunWebProducts
C:\DOCUME~1\NINA\LOCALS~1\Temp\AskSearch
C:\DOCUME~1\NINA\MENUDM~1\Ebay.lnk
C:\DOCUME~1\NINA\Bureau\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.4 [fr] *
.
Nom du profil: t3i2mr5p.default (NINA)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Ask.com");
(Prefs.js) user_pref("browser.search.selectedEngine", "Ask.com");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.4");
.
(prefs.js) TROUVÉ: user_pref("browser.search.defaultengine", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.defaultenginename", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.order.1", "Ask.com");
(prefs.js) TROUVÉ: user_pref("browser.search.selectedEngine", "Ask.com");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://www.google.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 2ab909813531ca01
Start Page Redirect Cache AcceptLangs: fr
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://fr.msn.com/
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\NINA\Application Data\uTorrent\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar.torrent
C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
.
===================================
.
1603 Octet(s) - C:\Ad-Report-SCAN[1].log
5057 Octet(s) - C:\Ad-Report-SCAN[2].log
.
726 Fichier(s) - C:\DOCUME~1\NINA\LOCALS~1\Temp
50 Fichier(s) - C:\WINDOWS\Temp
.
2 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 19:38:50 | 05/11/2009 - SCAN[2]
.
============== E.O.F ==============
.

zanu - 5 Nov 2009 at 21:21
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Ver 1.00PARTTBL
USER : NINA ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
C:\ (Local Disk) - NTFS - Total:20 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:5 Go)
E:\ (Local Disk) - FAT32 - Total:34 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:59 Go (Free:7 Go)
I:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
J:\ (Local Disk) - NTFS - Total:50 Go (Free:15 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 05/11/2009|20:13 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\Installr
C:\Program Files\FunWebProducts\Installr\7.bin
C:\Program Files\FunWebProducts\Installr\setups
C:\DOCUME~1\NINA\LOCALS~1\Temp\nsr9C.tmp

-----------\\ Extensions

(NINA) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj
(NINA) - {ada4b710-8346-4b82-8199-5de2b400a6ae} => reminderfox
(NINA) - {AE93811A-5C9A-4d34-8462-F7B864FC4696} => stumbleupon
(NINA) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(NINA) - {d57c9ff1-6389-48fc-b770-f78bd89b6e8a} => searchstatus


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\NINA\Mes documents\Downloads\Colbie Caillat-Breakthrough-2009\12-colbie_caillat-breakin_at_the_cracks.mp3
C:\DOCUME~1\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe



1 - "C:\ToolBar SD\TB_1.txt" - 05/11/2009|20:13 - Option : [1]

-----------\\ Fin du rapport a 20:13:50,48
0
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
5 Nov. 2009 at 21:24
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:14:26, on 05/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\VM_STI.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDICO38.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\Rac38.EXE
C:\Program Files\Aide mémoire\Aide mémoire.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ping.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Notepad++\notepad++.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MediaDICO38] C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe Lancement
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
5 Nov. 2009 at 23:33
Could someone tell me what to do next, please?
0
sherred Posts 8346 Registration date Saturday 26 January 2008 Status Member Last activity 25 March 2024 350
6 Nov. 2009 at 08:58
Run option 2 of ToolBar S&D.
Then
Disconnect and close all running applications!

* Run "Ad-remover" again: in the main menu, choose the "nettoyage" (clean) option.


--> the program will do its work ...

* Post the report that appears at the end, plus a new HijackThis log for analysis ...

(the report is also saved as C:\Ad-report.log)

/!\ If the Desktop does not reappear, press Ctrl + Alt + Del, open the "File" tab, choose "New Task", type explorer.exe and confirm. /!\
0
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
6 Nov. 2009 at 14:46
Thanks, here are the reports.



-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium II )
BIOS : Ver 1.00PARTTBL
USER : NINA ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 6.0.1.411 (Not Activated)
C:\ (Local Disk) - NTFS - Total:20 Go (Free:1 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:5 Go)
E:\ (Local Disk) - FAT32 - Total:34 Go (Free:3 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (Local Disk) - FAT32 - Total:59 Go (Free:7 Go)
I:\ (Local Disk) - NTFS - Total:39 Go (Free:4 Go)
J:\ (Local Disk) - NTFS - Total:50 Go (Free:15 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 06/11/2009|14:16 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\FunWebProducts\Installr
Supprime! - C:\DOCUME~1\NINA\LOCALS~1\Temp\nsr9C.tmp
Supprime! - C:\Program Files\FunWebProducts

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(NINA) - {5B52016C-D097-4aec-BE61-9F129D8FDDBA} => wj
(NINA) - {ada4b710-8346-4b82-8199-5de2b400a6ae} => reminderfox
(NINA) - {AE93811A-5C9A-4d34-8462-F7B864FC4696} => stumbleupon
(NINA) - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} => adblockplus
(NINA) - {d57c9ff1-6389-48fc-b770-f78bd89b6e8a} => searchstatus


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.com/?gws_rd=ssl"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\NINA\Mes documents\Downloads\Colbie Caillat-Breakthrough-2009\12-colbie_caillat-breakin_at_the_cracks.mp3
C:\DOCUME~1\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack
C:\DOCUME~1\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe



1 - "C:\ToolBar SD\TB_1.txt" - 05/11/2009|20:13 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 06/11/2009|14:18 - Option : [2]

-----------\\ Fin du rapport a 14:18:56,82
0
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
6 Nov. 2009 at 14:47
.
======= RAPPORT D'AD-REMOVER 1.1.4.5_Z | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.10.2009 à 11:48
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:19:13, 06/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: KAMI | Utilisateur actuel: NINA
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{66886C4D-B307-4ECA-A228-52CA9B9851A4}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
.
C:\DOCUME~1\NINA\APPLIC~1\DesktopIcon
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\askcom.xml
C:\DOCUME~1\NINA\APPLIC~1\Mozilla\Firefox\Profiles\t3i2mr5p.default\searchplugins\mywebsearch.xml
C:\DOCUME~1\NINA\LOCALS~1\Temp\AskSearch
C:\DOCUME~1\NINA\MENUDM~1\Ebay.lnk
C:\DOCUME~1\NINA\Bureau\Ebay.lnk
C:\Program Files\Windows Live\Messenger\Riched20.dll

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.4 [fr] *
.
Nom du profil: t3i2mr5p.default (NINA)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Ask.com");
(Prefs.js) user_pref("browser.search.selectedEngine", "Ask.com");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.4");
.
(prefs.js) EFFACÉ: user_pref("browser.search.defaultengine", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.defaultenginename", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.order.1", "Ask.com");
(prefs.js) EFFACÉ: user_pref("browser.search.selectedEngine", "Ask.com");
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 2ab909813531ca01
Start Page Redirect Cache AcceptLangs: fr
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Documents and Settings\NINA\Application Data\uTorrent\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar.torrent
C:\Documents and Settings\NINA\Mes documents\Downloads\Programs\Cracks.amIEplugin-Removal-Tool.exe
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\Yahoo.Messenger.Monitor.Sniffer.3.2.WinALL.Cracked-NoPE.rar
C:\Documents and Settings\NINA\Mes documents\Downloads\ym\crack\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe
.
===================================
.
4222 Octet(s) - C:\Ad-Report-CLEAN[1].log
1603 Octet(s) - C:\Ad-Report-SCAN[1].log
5383 Octet(s) - C:\Ad-Report-SCAN[2].log
.
38 Fichier(s) - C:\DOCUME~1\NINA\LOCALS~1\Temp
0 Fichier(s) - C:\WINDOWS\Temp
.
21 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
8 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 14:28:53 | 06/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
0
sherred Posts 8346 Registration date Saturday 26 January 2008 Status Member Last activity 25 March 2024 350
6 Nov. 2009 at 14:48
Ad-remover ?
0
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
6 Nov. 2009 at 14:48
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:44, on 06/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\Aide mémoire\TrayIcon.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\MediaDICO38.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Aide mémoire\Aide mémoire.exe
C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\Rac38.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\DOCUME~1\NINA\LOCALS~1\Temp\RtkBtMnt.exe
C:\Documents and Settings\NINA\Bureau\u96.exe
C:\WINDOWS\System32\wudfhost.exe
C:\Program Files\Notepad++\notepad++.exe
C:\WINDOWS\explorer.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MediaDICO38] C:\Program Files\Micro Application\38 Dictionnaires et Recueils de Correspondance\LanceMediaDICO38.exe Lancement
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Aide mémoire.lnk = ?
O4 - Global Startup: Hyperappel du Petit Larousse 2009.lnk = C:\Program Files\Larousse\Petit Larousse 2009\bin\Hyperappel.exe
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Antivirus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
0
sherred Posts 8346 Registration date Saturday 26 January 2008 Status Member Last activity 25 March 2024 350
6 Nov. 2009 at 16:06
Download Malwarebytes here: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
The program will update itself automatically.
If the file COMCTL32.OCX is missing, you can download it here:
https://www.malekal.com/tutorial-aboutbuster/
Once it is up to date, the program will start; click the settings tab and tick the box "Stop Internet Explorer during removal".

Now click the scan tab and tick the box "Perform quick scan".

Then click "Scan".

Let it scan the PC...

If any items were found > click "Remove selected".

If you are asked to restart > click "Yes".

At the end a report will open; save it somewhere you can find it again so that you can post it on the forum.

Copy and paste the report, please.

PS: the reports are also stored in the reports/logs tab
++++++++++++++++++++

Then
+++++++++++++++
Download SUPERAntiSpyware (SAS)
https://www.superantispyware.com/superantispywarefreevspro.html

Once the installation and the update are done:

click "Scan your computer"
tick Complete Scan
then Next

The report:
"Preferences", "Statistics/Logs".
Double-click the most recent SUPERAntiSpyware Scan Log.
0
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
7 Nov. 2009 at 03:11
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3113
Windows 5.1.2600 Service Pack 2

07/11/2009 03:10:48
mbam-log-2009-11-07 (03-10-48).txt

Type de recherche: Examen rapide
Eléments examinés: 106439
Temps écoulé: 10 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 14

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\IMMonitor (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer (PUP.KeyLogger) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Config.ini (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Infomation.txt (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\License.txt (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\unins000.dat (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\unins000.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\Visit Home Page.url (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\WinPcap.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\yahoo.messenger.monitor.sniffer.3.2-NoPE.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\YahooMonitor.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Program Files\IMMonitor\Yahoo Messenger Monitor Sniffer\YahooMonitor.exe.BAK (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Uninstall.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Visit Our Web Site.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Yahoo Messenger Monitor Sniffer\Yahoo Messenger Monitor Sniffer.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
C:\Documents and Settings\NINA\Bureau\Yahoo Messenger Monitor Sniffer.lnk (PUP.KeyLogger) -> Quarantined and deleted successfully.
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
7 Nov. 2009 at 03:43
SUPERAntiSpyware is taking a long time to finish; I'll post it as soon as it's done.
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
7 Nov. 2009 at 07:45
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 11/07/2009 at 03:57 AM

Application Version : 4.29.1004

Core Rules Database Version : 4242
Trace Rules Database Version: 2138

Scan type : Complete Scan
Total Scan Time : 00:38:02

Memory items scanned : 503
Memory threats detected : 0
Registry items scanned : 5983
Registry threats detected : 0
File items scanned : 21824
File threats detected : 123

Adware.Tracking Cookie

Adware.MyWebSearch-Installer
C:\DOCUMENTS AND SETTINGS\NINA\MES DOCUMENTS\DOWNLOADS\PROGRAMS\MYWEBFACESETUP2.3.50.56.GRMAN000.EXE

Adware.Vundo/Variant-MSFake
C:\DOCUMENTS AND SETTINGS\NINA\APPLICATION DATA\MICROSOFT\LIVE SEARCH\SUPPRESSION-LIVE-SEARCH.EXE
H:\SOFTWARES\EMOTICONES3D.EXE
J:\DISKFORMATTE\MES DOCUMENTS\DOWNLOADS\PROGRAMS\EMOTICONES3D.EXE
sherred Posts 8346 Registration date Saturday 26 January 2008 Status Member Last activity 25 March 2024 350
7 Nov. 2009 at 07:48
How is your PC behaving?
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
7 Nov. 2009 at 09:42
It's much better! Am I cured? lol
sherred Posts 8346 Registration date Saturday 26 January 2008 Status Member Last activity 25 March 2024 350
8 Nov. 2009 at 07:57
Download GenProc http://www.genproc.com/GenProc.exe

Double-click GenProc.exe and post the contents of the report.
zanu Posts 1175 Registration date Saturday 16 August 2008 Status Member Last activity 14 January 2020 38
15 Nov. 2009 at 20:24
I ran this GenProc test, but I don't know where the generated report is located; if you could tell me, please. Thanks.