BPS.AdwarePolice

Alice2010 Messages postés 9 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

J'ai fait un scanne avec Spybot - Search & Destroy, le logiciel à trouvé un Malware du nom BPS.AdwarePolice.

Quelqu'un pourrait il me dire ce que c'est et comment le supprimer car Spyboot ne le supprime pas.

Merci Pour votre aide.

Configuration: Windows Vista Internet Explorer 7.0

16 réponses

  1. Utilisateur anonyme
     
    bonjour

    • Télécharge : http://images.malwareremoval.com/random/RSIT.exe
    * Sous XP : double-cliquez sur RSIT.exe pour lancer l'outil.
    * Si vous êtes sous vista vous devez exécuter RSIT avec les droits d'administrateur, pour cela Clique droit sur RSIT et "Lancer en tant qu'administrateur"
    • Double clique sur RSIT.exe pour lancer l'outil.
    • Clique sur 'Continue' à l'écran Disclaimer.
    • Si l'outil Hijackthis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
    • Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports.
    ( C:\RSIT\log.txt et C:\RSIT\info.txt )
    • CTRL A pour sélectionner tout, CTRL C pour copier et puis CTRL V pour coller
     a un.
    0
  2. Alice2010 Messages postés 9 Statut Membre
     
    Merci Nanar, voilà j'ai eu un bloc note qui c'est ouvert voici le copier coller.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by sanaa at 2009-12-03 20:27:46
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 263 GB (59%) free of 447 GB
    Total RAM: 2045 MB (40% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:27:58, on 3/12/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18828)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\HomeCinema\PlayMovie\PMVService.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files\Fuji_Service_Photo\Fuji Print\dd.exe
    C:\Program Files\Paltalk Messenger\paltalk.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\sanaa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOUQJ8T4\RSIT[1].exe
    C:\Program Files\trend micro\sanaa.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.aldi.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/?p=us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
    O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Startup Cleaner] C:\Program Files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\HomeCinema\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [VoipDiscount] "C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [TypingSatellite] "C:\Program Files\TurboTyping\KBOOST.EXE"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [HiChatter] C:\Program Files\Beyluxe Messenger\Beyluxe Messenger.exe
    O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\Windows\TEMP\E_S1767.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [qbclv] c:\users\sanaa\appdata\local\qbclv.exe qbclv
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BeyluxeMessenger] C:\Program Files\Beyluxe Messenger\Beyluxe Messenger.exe
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O4 - HKCU\..\Run: [Device Detection] C:\Program Files\Fuji_Service_Photo\Fuji Print\dd.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-839697050-189894251-3829184322-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
    O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Service Google Update (gupdate1c9dba174f3d205) (gupdate1c9dba174f3d205) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
    O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
    O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
    O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    0
  3. Utilisateur anonyme
     
    • Téléchargez et enregistrez sur le Bureau : navilog1
    • Sous XP : double-cliquez sur l'icône pour lancer l'outil.
    • Sous vista : faites un clic droit sur Navilog1 présent sur le Bureau et choisissez "Exécuter en tant qu'administrateur".
    • Choisissez votre langue, appuyez sur F pour Français.
    • Appuyez sur une touche jusqu'à ce que vous arriviez au menu des options.
    • Choisissez l'option 1 (Recherche / Désinfection Automatique).
    • Laissez le programme travailler, il pourrait durer une dizaine de minutes.
    • Si l'outil trouve quelque chose, il sera amené à faire redémarrer l'ordinateur.
    • Lorsque le message "Scan terminé le..." s'affichera, appuyez sur une touche pour faire apparaitre le rapport dans le Bloc-notes (il sera aussi enregistré automatiquement sur votre disque dur : C:\cleannavi.txt)
    • Voici un tutoriel qui vous explique le fonctionnement de Navilog1 : http://il.mafioso.pagesperso-orange.fr/Navifix/presentation.htm

    0
  4. Alice2010 Messages postés 9 Statut Membre
     
    Merci nanar, je fais quoi maintenant?

    Fix Navipromo version 4.0.5 commencé le jeu. 03/12/2009 21:28:40,74

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!

    Outil exécuté depuis C:\Program Files\navilog1

    Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : sanaa ( Not Administrator ! )
    BOOT : Normal boot

    Antivirus : avast! antivirus 4.8.1201 [VPS 090506-0] 4.8.1201 (Activated)

    C:\ (Local Disk) - NTFS - Total:436 Go (Free:255 Go)
    D:\ (Local Disk) - FAT32 - Total:29 Go (Free:18 Go)
    E:\ (CD or DVD)
    F:\ (USB)
    G:\ (USB)
    H:\ (USB)

    Recherche executée en mode normal

    Nettoyage exécuté au redémarrage de l'ordinateur

    Nettoyage contenu C:\Windows\Temp effectué !
    Nettoyage contenu C:\Users\sanaa\AppData\Local\Temp effectué !

    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok

    Certificat Egroup supprimé !
    Certificat OOO-Favorit supprimé !

    *** Scan terminé jeu. 03/12/2009 21:36:52,94 ***
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    /!\ A l'attention de ceux qui passent sur ce sujet /!\
    Le logiciel qui suit n'est pas à utiliser à la légère et peut faire des dégâts s'il est mal utilisé ! Ne le faites que si un helpeur du forum qui connait bien cet outil vous l'a recommandé.

    /!\ Désactive tous tes logiciels de protection /!\

    • Télécharge combofix(de sUBs) sur ton Bureau.
    • Double-clique sur ComboFix.exe afin de le lancer.
    • Il va te demander d'installer la console de récupération : accepte. (important en cas de problème)
    • Ne touche à rien pendant le scan.
    • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
    #Si combofix ne veut pas se lancer renommes le en ccm.exe et éxécutes le en mode sans échec .
    Tutoriel officiel de Combofix : http://www.bleepingcomputer.com/combofix/fr/comment-utiliser¬-combofix
    0
  7. Utilisateur anonyme
     
    Est ce que c'est l'antivirus, le résident de spyboot, windows defender? oui
    0
  8. Alice2010 Messages postés 9 Statut Membre
     
    ComboFix 09-12-02.08 - sanaa 03/12/2009 23:24.1.2 - x86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1257.32.1037.18.2045.1107 [GMT 1:00]
    Lancé depuis: c:\users\sanaa\Desktop\ComboFix.exe
    AV: avast! antivirus 4.8.1201 [VPS 090506-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: avast! antivirus 4.8.1201 [VPS 090506-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
    SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\$recycle.bin\S-1-5-21-839697050-189894251-3829184322-1004
    c:\$recycle.bin\S-1-5-21-839697050-189894251-3829184322-1007
    C:\install.exe
    c:\users\sanaa\AppData\Roaming\mdbu.bin

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-11-03 au 2009-12-03 ))))))))))))))))))))))))))))))))))))
    .

    2009-12-03 22:43 . 2009-12-03 22:43 -------- d-----w- c:\users\oujdia\AppData\Local\temp
    2009-12-03 22:43 . 2009-12-03 22:43 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
    2009-12-03 22:43 . 2009-12-03 22:43 -------- d-----w- c:\users\Default\AppData\Local\temp
    2009-12-03 20:27 . 2009-12-03 20:36 4096 d-----w- c:\program files\Navilog1
    2009-12-03 19:03 . 2009-12-03 19:27 4096 d-----w- c:\program files\trend micro
    2009-12-03 19:03 . 2009-12-03 19:04 -------- d-----w- C:\rsit
    2009-12-03 19:02 . 2009-12-03 19:10 4096 d-----w- c:\program files\Microsoft Silverlight
    2009-11-29 23:32 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
    2009-11-29 23:32 . 2009-08-19 22:50 46928 ----a-r- c:\windows\system32\AdobePDF.dll
    2009-11-29 15:53 . 2009-11-29 15:57 -------- d-----w- c:\users\oujdia\AppData\Local\Corel
    2009-11-29 15:53 . 2009-11-29 15:53 -------- d-----w- c:\users\oujdia\AppData\Roaming\Corel
    2009-11-29 15:27 . 2009-11-29 15:27 -------- d-----w- c:\users\oujdia\AppData\Roaming\Paltalk
    2009-11-29 15:27 . 2009-11-29 23:40 4096 d-----w- c:\users\oujdia\Tracing
    2009-11-29 15:26 . 2009-11-29 15:26 229168 ----a-w- c:\users\oujdia\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-11-29 15:16 . 2009-11-29 15:16 -------- d-----w- c:\users\oujdia\AppData\Roaming\Yahoo!
    2009-11-29 15:16 . 2009-11-29 15:16 -------- d-----w- c:\users\oujdia\AppData\Roaming\Ulead Systems
    2009-11-29 15:16 . 2009-11-29 15:17 -------- d-----w- c:\users\oujdia\AppData\Local\Adobe
    2009-11-29 15:15 . 2009-11-29 15:40 -------- d-----w- c:\users\oujdia\AppData\Local\TVEnhance
    2009-11-29 15:15 . 2009-11-29 15:15 -------- d-----w- c:\users\oujdia\AppData\Local\PlayMovie
    2009-11-29 15:15 . 2009-11-29 16:34 4096 d-----w- c:\users\oujdia\AppData\Local\Google
    2009-11-29 15:14 . 2009-11-29 15:14 -------- d-sh--we c:\users\oujdia\Voisinage réseau
    2009-11-28 21:19 . 2009-11-28 21:19 -------- d-----w- c:\programdata\Messenger Plus!
    2009-11-28 21:15 . 2009-11-28 21:15 4096 d-----w- c:\program files\Messenger Plus! Live
    2009-11-26 02:09 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
    2009-11-25 12:27 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
    2009-11-25 12:27 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
    2009-11-24 11:49 . 2009-11-24 11:49 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb870C.tmp.exe
    2009-11-22 15:19 . 2009-11-22 15:19 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
    2009-11-22 12:50 . 2009-11-22 12:50 -------- d-----w- c:\program files\Microsoft.NET
    2009-11-22 12:48 . 2009-11-22 12:48 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2009-11-22 12:47 . 2009-11-22 13:00 4096 d-----w- c:\users\sanaa\AppData\Local\Microsoft Help
    2009-11-22 12:45 . 2009-11-22 12:45 -------- d-----r- C:\MSOCache
    2009-11-17 12:14 . 2009-11-17 12:14 -------- d-----w- c:\program files\Windows Portable Devices
    2009-11-16 22:47 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
    2009-11-16 22:46 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2009-11-16 22:46 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
    2009-11-16 22:46 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2009-11-11 20:38 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
    2009-11-11 20:38 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
    2009-11-04 21:02 . 2009-11-04 21:02 -------- d-----w- c:\windows\system32\ShellExt

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-03 19:06 . 2007-10-18 14:01 12288 d-----w- c:\programdata\Microsoft Help
    2009-12-03 19:01 . 2009-03-05 16:29 -------- d-----w- c:\program files\Microsoft
    2009-12-03 18:36 . 2008-11-05 22:03 4096 d-----w- c:\programdata\Google Updater
    2009-12-03 18:29 . 2006-11-02 15:48 713304 ----a-w- c:\windows\system32\perfh00C.dat
    2009-12-03 18:29 . 2006-11-02 15:48 143336 ----a-w- c:\windows\system32\perfc00C.dat
    2009-12-03 02:16 . 2007-12-29 16:23 4096 d-----w- c:\users\sanaa\AppData\Roaming\Skype
    2009-12-03 00:15 . 2007-12-29 16:26 4096 d-----w- c:\users\sanaa\AppData\Roaming\skypePM
    2009-12-01 23:38 . 2009-08-10 23:32 8192 d-----w- c:\program files\Paltalk Messenger
    2009-11-30 16:23 . 2008-07-03 19:15 8192 d-----w- c:\program files\Spybot - Search & Destroy
    2009-11-29 15:53 . 2008-08-01 11:08 20430 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2009-11-29 15:16 . 2007-10-18 11:31 -------- d-----w- c:\programdata\NVIDIA
    2009-11-29 15:15 . 2009-11-29 15:15 -------- d-----w- c:\users\oujdia\AppData\Roaming\GTek
    2009-11-28 21:00 . 2009-05-23 14:13 4096 d-----w- c:\program files\Windows Live
    2009-11-22 15:32 . 2008-08-01 10:41 -------- d-----w- c:\users\sanaa\AppData\Roaming\gtk-2.0
    2009-11-22 12:57 . 2009-08-18 12:07 229168 ----a-w- c:\users\sanaa\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-11-22 12:52 . 2007-10-18 13:57 28672 d-----w- c:\program files\Microsoft Works
    2009-11-22 12:51 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
    2009-11-20 07:14 . 2009-03-18 21:44 1 ----a-w- c:\users\sanaa\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
    2009-11-20 07:14 . 2007-12-27 20:21 3834 ----a-w- c:\users\sanaa\AppData\Roaming\wklnhst.dat
    2009-11-17 12:13 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
    2009-11-17 12:05 . 2009-11-17 12:05 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
    2009-11-17 12:04 . 2009-11-17 12:04 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
    2009-11-12 04:08 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
    2009-11-09 19:00 . 2008-03-22 00:30 4096 d-----w- c:\program files\Java
    2009-11-08 14:15 . 2007-12-28 19:53 65536 d-----w- c:\users\sanaa\AppData\Roaming\VoipBuster
    2009-11-02 19:42 . 2009-10-03 11:06 195456 ------w- c:\windows\system32\MpSigStub.exe
    2009-10-30 22:26 . 2009-10-30 22:26 -------- d-----w- c:\programdata\McAfee
    2009-10-30 22:20 . 2009-10-30 22:20 -------- d-----w- c:\programdata\McAfee Security Scan
    2009-10-28 15:46 . 2009-10-18 12:15 -------- d-----w- c:\programdata\FLEXnet
    2009-10-26 20:17 . 2009-10-26 20:17 -------- d-----w- c:\program files\Fuji_Service_Photo
    2009-10-21 15:48 . 2009-08-07 17:52 4096 d-----w- c:\program files\Beyluxe Messenger
    2009-10-18 16:08 . 2009-10-10 21:20 8192 d-----w- c:\program files\SecondLife
    2009-10-18 12:12 . 2007-10-18 11:55 12288 d-----w- c:\program files\Common Files\Adobe
    2009-10-18 12:09 . 2009-10-18 12:09 -------- d-----w- c:\programdata\ALM
    2009-10-18 12:06 . 2009-08-29 12:33 4096 d-----w- c:\program files\Common Files\PX Storage Engine
    2009-10-18 11:49 . 2009-10-18 11:49 4096 d-----w- c:\program files\Adobe Media Player
    2009-10-18 11:48 . 2009-10-18 11:48 -------- d-----w- c:\program files\Common Files\Adobe AIR
    2009-10-18 11:44 . 2009-10-18 11:44 -------- d-----w- c:\program files\Common Files\Macrovision Shared
    2009-10-17 15:26 . 2009-10-17 15:26 -------- d-----w- c:\users\sanaa\AppData\Roaming\PhotoFiltre Studio X
    2009-10-17 15:26 . 2009-10-17 15:26 4096 d-----w- c:\program files\PhotoFiltre Studio X
    2009-10-16 19:50 . 2009-10-16 19:50 -------- d-----w- c:\program files\MSECache
    2009-10-11 03:17 . 2008-12-20 18:02 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-10-10 21:21 . 2009-04-15 08:25 4096 d-----w- c:\users\sanaa\AppData\Roaming\SecondLife
    2009-10-01 01:02 . 2009-11-16 22:47 2537472 ----a-w- c:\windows\system32\wpdshext.dll
    2009-10-01 01:02 . 2009-11-16 22:47 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
    2009-10-01 01:02 . 2009-11-16 22:47 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
    2009-10-01 01:02 . 2009-11-16 22:47 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
    2009-10-01 01:01 . 2009-11-16 22:47 546816 ----a-w- c:\windows\system32\wpd_ci.dll
    2009-10-01 01:01 . 2009-11-16 22:47 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
    2009-10-01 01:01 . 2009-11-16 22:47 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
    2009-10-01 01:01 . 2009-11-16 22:47 350208 ----a-w- c:\windows\system32\WPDSp.dll
    2009-10-01 01:01 . 2009-11-16 22:47 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
    2009-10-01 01:01 . 2009-11-16 22:47 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
    2009-10-01 01:01 . 2009-11-16 22:47 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
    2009-10-01 01:01 . 2009-11-16 22:47 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
    2009-10-01 01:01 . 2009-11-16 22:47 226816 ----a-w- c:\windows\system32\WpdMtp.dll
    2009-10-01 01:01 . 2009-11-16 22:47 33280 ----a-w- c:\windows\system32\WpdConns.dll
    2009-10-01 01:01 . 2009-11-16 22:47 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
    2009-09-25 02:10 . 2009-11-16 22:48 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2009-09-25 02:07 . 2009-11-16 22:48 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
    2009-09-25 02:04 . 2009-11-16 22:48 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
    2009-09-25 01:49 . 2009-11-16 22:48 1554432 ----a-w- c:\windows\system32\xpsservices.dll
    2009-09-25 01:48 . 2009-11-16 22:48 351232 ----a-w- c:\windows\system32\XpsPrint.dll
    2009-09-25 01:38 . 2009-11-16 22:48 847360 ----a-w- c:\windows\system32\OpcServices.dll
    2009-09-25 01:36 . 2009-11-16 22:48 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2009-09-25 01:35 . 2009-11-16 22:48 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
    2009-09-25 01:33 . 2009-11-16 22:48 195584 ----a-w- c:\windows\system32\dxdiagn.dll
    2009-09-25 01:33 . 2009-11-16 22:48 829440 ----a-w- c:\windows\system32\d3d10warp.dll
    2009-09-25 01:33 . 2009-11-16 22:48 369664 ----a-w- c:\windows\system32\WMPhoto.dll
    2009-09-25 01:32 . 2009-11-16 22:48 252928 ----a-w- c:\windows\system32\dxdiag.exe
    2009-09-25 01:31 . 2009-11-16 22:48 519680 ----a-w- c:\windows\system32\d3d11.dll
    2009-09-25 01:31 . 2009-11-16 22:48 486912 ----a-w- c:\windows\system32\d3d10level9.dll
    2009-09-25 01:31 . 2009-11-16 22:48 161280 ----a-w- c:\windows\system32\d3d10_1.dll
    2009-09-25 01:31 . 2009-11-16 22:48 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
    2009-09-25 01:31 . 2009-11-16 22:48 1030144 ----a-w- c:\windows\system32\d3d10.dll
    2009-09-25 01:31 . 2009-11-16 22:48 828928 ----a-w- c:\windows\system32\d2d1.dll
    2009-09-25 01:30 . 2009-11-16 22:48 481792 ----a-w- c:\windows\system32\dxgi.dll
    2009-09-25 01:30 . 2009-11-16 22:48 190464 ----a-w- c:\windows\system32\d3d10core.dll
    2009-09-25 01:27 . 2009-11-16 22:48 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2009-09-25 01:27 . 2009-11-16 22:48 37888 ----a-w- c:\windows\system32\cdd.dll
    2009-09-25 01:27 . 2009-11-16 22:48 793088 ----a-w- c:\windows\system32\FntCache.dll
    2009-09-25 01:27 . 2009-11-16 22:48 1064448 ----a-w- c:\windows\system32\DWrite.dll
    2009-09-24 22:54 . 2009-11-16 22:48 258048 ----a-w- c:\windows\system32\winspool.drv
    2009-09-24 22:54 . 2009-11-16 22:48 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
    2009-09-24 22:54 . 2009-11-16 22:48 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
    2009-09-14 09:29 . 2009-10-14 17:26 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
    2009-09-10 16:48 . 2009-10-14 17:27 218624 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-10 14:59 . 2009-10-27 17:09 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2009-09-10 14:58 . 2009-10-27 17:09 310784 ----a-w- c:\windows\system32\unregmp2.exe
    2009-09-10 02:01 . 2009-11-16 22:48 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2009-09-10 02:00 . 2009-11-16 22:48 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2009-09-10 02:00 . 2009-11-16 22:48 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2009-11-29 01:10 . 2009-11-29 01:10 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    2008-09-01 09:14 . 2008-08-01 11:12 88 --sh--r- c:\windows\System32\389385A08E.sys
    2009-07-18 11:29 . 2008-08-01 22:19 248 --sh--r- c:\windows\System32\C3C8592898.sys
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2009-12-02 9094448]
    "TypingSatellite"="c:\program files\TurboTyping\KBOOST.EXE" [2003-01-07 747008]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-05 39408]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "HiChatter"="c:\program files\Beyluxe Messenger\Beyluxe Messenger.exe" [2009-10-20 5316096]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "BeyluxeMessenger"="c:\program files\Beyluxe Messenger\Beyluxe Messenger.exe" [2009-10-20 5316096]
    "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-08-20 2000120]
    "Device Detection"="c:\program files\Fuji_Service_Photo\Fuji Print\dd.exe" [2009-03-02 139776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
    "Athan"="c:\program files\Athan\Athan.exe" [2007-09-06 1024000]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
    "TVEService"="c:\program files\HomeCinema\TV Enhance\TVEService.exe" [2007-10-19 155648]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-21 198160]
    "Startup Cleaner"="c:\program files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe" [2006-10-08 122880]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-04 98304]
    "PlayMovie"="c:\program files\HomeCinema\PlayMovie\PMVService.exe" [2007-09-06 172032]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]
    "NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512]
    "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-29 30192]
    "Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2007-10-30 16200]
    "CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 215256]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 39792]
    "Ulead AutoDetector v2"="c:\program files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2006-11-29 90112]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
    "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768]
    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-02 640376]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
    "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-08-03 1826816]
    "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-08-17 4702208]

    c:\users\sanaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-1-4 110592]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-1-4 110592]
    PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-10-29 11551744]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "VistaSp2"=hex(b):1c,a8,14,3a,ad,37,ca,01

    R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [7/05/2009 18:42 114768]
    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\HomeCinema\PlayMovie\000.fcl [24/10/2007 14:09 41456]
    R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [7/05/2009 18:42 20560]
    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [7/05/2009 18:41 53328]
    R2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [12/02/2007 10:46 208896]
    R2 NMSCore;Intel(R) NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [27/06/2007 9:14 317656]
    R2 nmsunidr;UniDriver for NMS;c:\windows\System32\drivers\nmsunidr.sys [18/02/2007 19:34 5376]
    R2 QualityManager;Intel(R) Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe [27/06/2007 9:17 272600]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [27/06/2009 16:27 1153368]
    R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [24/10/2007 14:09 290909]
    R2 TVESched;TVEnhance Task Scheduler (TTS));c:\program files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [24/10/2007 14:09 114779]
    R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [16/10/2007 13:07 1242976]
    R3 IntelDH;IntelDH Driver;c:\windows\System32\drivers\IntelDH.sys [24/10/2007 16:25 5632]
    R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\System32\drivers\netr28u.sys [16/10/2007 13:07 554496]
    R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\System32\drivers\CM108.sys [28/06/2007 6:18 1310720]
    R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [18/10/2007 12:38 13976]
    S2 gupdate1c9dba174f3d205;Service Google Update (gupdate1c9dba174f3d205);c:\program files\Google\Update\GoogleUpdate.exe [23/05/2009 13:24 133104]
    S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15/08/2008 4:46 284016]
    S3 DHTRACE;Intel(R) DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [27/06/2007 9:15 39640]
    S3 FontCache;Service de cache de police Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [20/06/2008 17:19 21504]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [27/12/2007 20:33 30192]
    S4 Adpseexin;Adpseexin; [x]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    Contenu du dossier 'Tâches planifiées'

    2009-12-03 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-05 16:38]

    2009-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-23 12:24]

    2009-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-23 12:24]

    2009-12-03 c:\windows\Tasks\User_Feed_Synchronization-{FF868D49-B796-4FC0-A928-50B3DA490DE6}.job
    - c:\windows\system32\msfeedssync.exe [2009-10-14 03:41]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.be/
    mStart Page = hxxp://fr.yahoo.com
    mSearch Bar = hxxp://www.google.com/ie
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Ajouter au fichier PDF existant
    IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Ajouter à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convertir au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convertir au format PDF
    IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convertir la cible du lien en Adobe PDF
    IE: Convertir la cible du lien en un fichier PDF existant
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    FF - ProfilePath - c:\users\sanaa\AppData\Roaming\Mozilla\Firefox\Profiles\iqhha1v0.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
    FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll
    FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
    FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    HKCU-Run-AdobeBridge - (no file)
    HKLM-Run-FBSSA - c:\program files\SGPSA\ie3sh.exe
    AddRemove-GoldWave v5.10 - c:\program files\GoldWave\unstall.exe GoldWave v5.10
    AddRemove-NVIDIA Drivers - c:\windows\system32\NVUNINST.EXE UninstallGUI
    AddRemove-RealJukebox 1.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-03 23:44
    Windows 6.0.6002 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    FBSSA = c:\program files\SGPSA\ie3sh.exe????{??????????????????????????????????????????????????????????????

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
    "ImagePath"="\??\c:\program files\HomeCinema\PlayMovie\000.fcl"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
    "ImagePath"="\??\c:\program files\HomeCinema\PowerDVD\000.fcl"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-839697050-189894251-3829184322-1001_Classes\CLSID\{46bacad2-8854-4fb6-a882-ef2c9ee48288}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:0000003e
    "Therad"=dword:0000001e
    "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
    38,95,44,85,b1,12,f9,90,dd,23,a1,ac,16,db,d3,41,3e,62,7d,46,2a,df,50,7d,ca,\

    [HKEY_USERS\S-1-5-21-839697050-189894251-3829184322-1001_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "scansk"=hex(0):bd,83,ae,77,47,08,8b,bd,11,49,4f,f5,31,84,47,e6,d5,78,2a,da,3d,
    47,89,e6,f7,d5,fa,e5,a0,2e,02,68,cf,b2,eb,03,9e,5c,b1,66,00,00,00,00,00,00,\

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{01342aa2-76e1-4bdc-b5e2-de155975093b}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0f0015af
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{1d0b67b0-189e-46c7-bfc7-23b61467e7f7}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:16020054
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{47b9423e-f431-402c-9073-aa8c97e55ea5}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0f0015af
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{4c26a787-0cb0-486b-b05a-c95b0a8d1d13}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0d001d92
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{4ed86c88-3470-400d-9c8d-a9eb330e6716}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0d001d92
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{54e3fabb-dab2-49d7-916c-9e64bfcdcd0c}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:120012c9
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{5c6ef1f7-8778-4f37-b265-ed997f1914c6}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:17000000
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{67d5e1d8-cd63-40cc-99a4-ab1c712d1b5f}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:1a000000
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{6ff9062c-d808-4d40-a4ae-43cb1680a9ed}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0a001d92
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{7b85bcf6-961a-455f-bc48-804861d8a6a2}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0d001d92
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{841ef8d9-3aab-479e-a60d-7d354a60a616}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0c001617
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:07001422
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{a8715931-06c2-401f-bcc1-a8174240f026}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0f0015af
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{adc54b19-24fe-4d15-856a-3d995b4e582f}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0f0015af
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{e186c875-0d2c-4d73-88c1-e6018ef4ddc0}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0d001d92
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{e1e97d43-c08f-4371-8ddf-02f971c0c187}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0d0015af
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ec9c9d45-932f-4e89-8cd6-12e00370c72e}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0f0015af
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f446aead-47c3-42ce-9211-b777c76a08d2}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:0d001d92
    "Dhcpv6State"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}]
    @DACL=(02 0000)
    "Dhcpv6Iaid"=dword:06001422
    "Dhcpv6State"=dword:00000000
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'lsass.exe'(736)
    .
    Heure de fin: 2009-12-03 23:47
    ComboFix-quarantined-files.txt 2009-12-03 22:47

    Avant-CF: 271.061.237.760 octets libres
    Après-CF: 271.166.533.632 octets libres

    - - End Of File - - D0B9B4F62873DB36503781A61517599E
    0
  9. Alice2010 Messages postés 9 Statut Membre
     
    Bonjour NAnar

    voilà le rapport ci dessus, que dois je faire maintenant?

    Merci pour ton aide.
    0
  10. Utilisateur anonyme
     
    Post un nouveau rapport rsit.Merci
    0
  11. Alice2010 Messages postés 9 Statut Membre
     
    Voilà le rapport, merci encore pour ton aide.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by sanaa at 2009-12-04 22:37:59
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 256 GB (57%) free of 447 GB
    Total RAM: 2045 MB (37% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:38:27, on 4/12/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18828)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\HomeCinema\TV Enhance\TVEService.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\HomeCinema\PlayMovie\PMVService.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\IELowutil.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\sanaa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVZVO751\RSIT[1].exe
    C:\Program Files\trend micro\sanaa.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
    O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
    O4 - HKLM\..\Run: [TVEService] "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Startup Cleaner] C:\Program Files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\HomeCinema\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [TypingSatellite] "C:\Program Files\TurboTyping\KBOOST.EXE"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [HiChatter] C:\Program Files\Beyluxe Messenger\Beyluxe Messenger.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BeyluxeMessenger] C:\Program Files\Beyluxe Messenger\Beyluxe Messenger.exe
    O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    O4 - HKCU\..\Run: [Device Detection] C:\Program Files\Fuji_Service_Photo\Fuji Print\dd.exe
    O4 - HKUS\S-1-5-21-839697050-189894251-3829184322-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
    O4 - HKUS\S-1-5-21-839697050-189894251-3829184322-1000\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'IUSR_NMPR')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
    O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
    O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Service Google Update (gupdate1c9dba174f3d205) (gupdate1c9dba174f3d205) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
    O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
    O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
    O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    0
  12. Utilisateur anonyme
     
    • Bonjour

    • Télécharge et installe : Malwarebyte’s Anti-Malware
    • (NB : S'il te manque"COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
    • A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
    • Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
    • Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
    • Sélectionne tes disques durs" puis clique sur "Lancer l’examen"
    • A la fin du scan, clique sur Afficher les résultats
    • Coche tous les éléments détectés puis clique sur Supprimer la sélection
    • Enregistre le rapport
    • S'il t'est demandé de redémarrer, clique sur Yes
    • Poste le rapport de scan après la suppression ici.(poste le rapport, même si rien n'est détecté.)
    • Si tu as besoin d’aide regarde ce tutorial
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    0
  13. Alice2010 Messages postés 9 Statut Membre
     
    Salut nanar il ne détecte rien. Que dois je faire maintenant?

    Malwarebytes' Anti-Malware 1.42
    Version de la base de données: 3300
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18828

    5/12/2009 19:12:57
    mbam-log-2009-12-05 (19-12-57).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 623098
    Temps écoulé: 2 hour(s), 12 minute(s), 50 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    0
  14. Utilisateur anonyme
     
    Toujours des problèmesa+ avec BPS.AdwarePolice.?

    a++
    0
  15. Alice2010 Messages postés 9 Statut Membre
     
    Salut nanard, quand j'effectue un scane avec spyboot il le détecte toujours.
    0
  16. Utilisateur anonyme
     
    Fais ca et dis moi s'il est toujours détecté.

    Désactiver/Réactiver la restauration système de Vista
    • Après une désinfection, il est nécessaire de désactiver puis réactiver la restauration système pour la purger car les points de restauration peuvent être infectés.
    • Cliquez sur le bouton Vista, faîtes un clic droit sur "Ordinateur" puis cliquez sur "Propriétés" .
    • Cliquez ensuite sur "Protection du système" .
    • Décochez la case du ou des disque(s) pour lesquels vous souhaitez désactiver la restauration du système .
    • Une confirmation est nécessaire et vous informe que les points de restaurations existants vont être supprimés sans possibilité de retour en arrière .
    • Pour réactiver la restauration système, il suffit de cocher à nouveau les cases.
    • Pensé a vider la corbeille.
    0