Worms and company have infected my PC
Closed
Knox - 17 Dec. 2009 at 13:17
sherred - 20 Dec. 2009 at 08:26
12 replies
sherred - 17 Dec. 2009 at 14:13
Download SUPERAntiSpyware (SAS):
https://www.superantispyware.com/superantispywarefreevspro.html
Once the installation and the update are done,
click "Scan your computer",
tick "complete scan",
then Next.
The report:
"Preferences", then "Statistics/Logs".
Double-click the latest SUPERAntiSpyware Scan Log.
OK, thanks for the quick reply, I'll do what you said. Apart from that, I have just run another scan, and here is the report:
Analyse complète: terminée le 17/12/2009 14:48:40 (événements : 42, objets : 306179, durée : 01:08:36)
17/12/2009 14:48:41 Fin de la tâche
17/12/2009 14:48:40 Non réparés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe Consigné dans le rapport
17/12/2009 14:48:40 Détectés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe
17/12/2009 14:48:40 Mis en quarantaine: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp
17/12/2009 14:48:40 Détectés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp/PE_Patch.PECompact/PecBundle/PECompact
17/12/2009 14:48:40 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe
17/12/2009 14:48:40 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe
17/12/2009 14:48:39 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\rsvp.exe
17/12/2009 14:48:39 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\rsvp.exe
17/12/2009 14:48:39 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\mstsc.exe
17/12/2009 14:48:39 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\mstsc.exe
17/12/2009 14:48:39 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe
17/12/2009 14:48:27 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe
17/12/2009 14:40:05 Détectés: https://securelist.fr/ C:\windows\system32\Macromed\Flash\NPSWF32.dll
17/12/2009 14:38:16 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
17/12/2009 13:52:39 Non réparés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp/PE_Patch.PECompact/PecBundle/PECompact Reporté
17/12/2009 13:52:39 Détectés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp/PE_Patch.PECompact/PecBundle/PECompact
17/12/2009 13:52:38 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe Reporté
17/12/2009 13:52:37 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe
17/12/2009 13:50:25 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\rsvp.exe Reporté
17/12/2009 13:50:23 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\mstsc.exe Reporté
17/12/2009 13:50:22 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\rsvp.exe
17/12/2009 13:50:20 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\mstsc.exe
17/12/2009 13:50:17 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe Reporté
17/12/2009 13:50:17 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe
17/12/2009 13:44:56 Détectés: https://securelist.fr/ C:\program files\Mozilla Firefox\firefox.exe
17/12/2009 13:44:47 Non réparés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe Reporté
17/12/2009 13:44:35 Détectés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe
17/12/2009 13:44:05 Détectés: https://securelist.fr/ C:\program files\Java\jre1.6.0_01\bin\java.exe
17/12/2009 13:41:43 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
17/12/2009 13:40:04 Lancement de la tâche
17/12/2009 13:40:00 Tâche arrêtée
17/12/2009 13:39:25 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
17/12/2009 13:39:25 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
17/12/2009 13:39:12 Détectés: https://securelist.fr/ C:\program files\itunes\itunes.exe
17/12/2009 13:39:12 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
17/12/2009 13:39:06 Détectés: https://securelist.fr/ C:\program files\quicktime\quicktimeplayer.exe
17/12/2009 13:38:58 Détectés: https://securelist.fr/ C:\program files\Mozilla Firefox\firefox.exe
17/12/2009 13:38:58 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
17/12/2009 13:38:37 Détectés: https://securelist.fr/ C:\windows\system32\Macromed\Flash\NPSWF32.dll
17/12/2009 13:38:37 Détectés: https://securelist.fr/ C:\program files\Mozilla Firefox\firefox.exe
17/12/2009 13:38:36 Lancement de la tâche
Analyse complète: terminée le 17/12/2009 14:48:40 (événements : 42, objets : 306179, durée : 01:08:36)
16/12/2009 23:59:52 Fin de la tâche
16/12/2009 23:59:52 Impossible de mettre en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\spoolsv.exe
16/12/2009 23:59:51 Sera placé en quarantaine lors du redémarrage: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\spoolsv.exe
16/12/2009 23:59:51 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\spoolsv.exe
16/12/2009 23:59:50 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe
16/12/2009 23:59:50 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe
16/12/2009 23:59:50 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\mstsc.exe
16/12/2009 23:59:46 Réparés: HEUR:Worm.Win32.Generic HKEY_USERS\S-1-5-21-4250453228-2727491811-2252994522-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
16/12/2009 23:59:46 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\mstsc.exe
16/12/2009 23:59:46 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\spoolsv.exe Reporté
16/12/2009 23:59:46 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\spoolsv.exe
16/12/2009 23:59:45 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe Reporté
16/12/2009 23:59:45 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe
16/12/2009 23:59:45 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\mstsc.exe Reporté
16/12/2009 23:59:45 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\mstsc.exe
16/12/2009 23:59:45 Lancement de la tâche
Analyse complète: terminée le 17/12/2009 14:48:40 (événements : 42, objets : 306179, durée : 01:08:36)
17/12/2009 13:13:41 Fin de la tâche
17/12/2009 13:13:40 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Roaming\clipsrv.exe
17/12/2009 13:13:25 Réparés: HEUR:Worm.Win32.Generic HKEY_USERS\S-1-5-21-4250453228-2727491811-2252994522-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load
17/12/2009 13:13:24 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Roaming\clipsrv.exe
17/12/2009 13:13:22 Mis en quarantaine: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\VirtualStore\Windows\System32\net.net
17/12/2009 13:13:22 Détectés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\VirtualStore\Windows\System32\net.net/PE_Patch.PECompact/PecBundle/PECompact
17/12/2009 13:13:22 Mis en quarantaine: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\s326log.exe
17/12/2009 13:12:00 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\s326log.exe
17/12/2009 01:04:21 Détectés: https://securelist.fr/ C:\windows\system32\Macromed\Flash\NPSWF32.dll
17/12/2009 00:53:11 Protégé par un mot de passe C:\Users\Jipeh\Documents\TELECHARGEMENT\Desobeir - Enhancer.zip/ Enhancer - Desobeir - album -.zip
17/12/2009 00:53:11 Protégé par un mot de passe C:\Users\Jipeh\Documents\TELECHARGEMENT\Desobeir - Enhancer.zip/ Enhancer - Desobeir - album -.zip
17/12/2009 00:41:39 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
17/12/2009 00:10:28 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Roaming\clipsrv.exe Reporté
17/12/2009 00:10:28 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Roaming\clipsrv.exe
17/12/2009 00:10:27 Non réparés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\VirtualStore\Windows\System32\net.net/PE_Patch.PECompact/PecBundle/PECompact Reporté
17/12/2009 00:10:27 Détectés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\VirtualStore\Windows\System32\net.net/PE_Patch.PECompact/PecBundle/PECompact
17/12/2009 00:09:47 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\s326log.exe Reporté
17/12/2009 00:09:44 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\s326log.exe
17/12/2009 00:09:44 Non réparés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp/PE_Patch.PECompact/PecBundle/PECompact Reporté
17/12/2009 00:09:44 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe Reporté
17/12/2009 00:09:44 Détectés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp/PE_Patch.PECompact/PecBundle/PECompact
17/12/2009 00:09:39 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe
17/12/2009 00:06:35 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe Reporté
17/12/2009 00:06:30 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe
16/12/2009 23:59:29 Détectés: https://securelist.fr/ C:\program files\Mozilla Firefox\firefox.exe
16/12/2009 23:58:58 Non réparés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe Reporté
16/12/2009 23:58:56 Détectés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe
16/12/2009 23:58:40 Détectés: https://securelist.fr/ C:\program files\Java\jre1.6.0_01\bin\java.exe
16/12/2009 23:56:17 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
16/12/2009 23:52:23 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
16/12/2009 23:52:23 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
16/12/2009 23:51:59 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
16/12/2009 23:51:58 Détectés: https://securelist.fr/ C:\program files\itunes\itunes.exe
16/12/2009 23:51:57 Détectés: https://securelist.fr/ C:\program files\quicktime\quicktimeplayer.exe
16/12/2009 23:51:56 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
16/12/2009 23:51:53 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\spoolsv.exe Reporté
16/12/2009 23:51:53 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\spoolsv.exe
16/12/2009 23:51:45 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe Reporté
16/12/2009 23:51:45 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\spoolsv.exe
16/12/2009 23:51:33 Lancement de la tâche
Analyse complète: terminée le 17/12/2009 14:48:40 (événements : 42, objets : 306179, durée : 01:08:36)
16/12/2009 23:46:04 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\mstsc.exe
16/12/2009 23:45:38 Sera supprimé lors du redémarrage de l'ordinateur: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\mstsc.exe
16/12/2009 23:45:38 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\mstsc.exe
16/12/2009 23:45:38 Lancement de la tâche
Analyse complète: terminée le 17/12/2009 14:48:40 (événements : 42, objets : 306179, durée : 01:08:36)
16/12/2009 23:46:08 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
16/12/2009 23:46:08 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
16/12/2009 23:45:58 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
16/12/2009 23:45:56 Détectés: https://securelist.fr/ C:\program files\itunes\itunes.exe
16/12/2009 23:45:56 Détectés: https://securelist.fr/ C:\program files\quicktime\quicktimeplayer.exe
16/12/2009 23:45:53 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
16/12/2009 23:45:14 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\mstsc.exe Reporté
16/12/2009 23:45:14 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\mstsc.exe
16/12/2009 23:44:58 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\mstsc.exe Reporté
16/12/2009 23:44:58 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\mstsc.exe
16/12/2009 23:44:37 Lancement de la tâche
Analyse complète: terminée le 17/12/2009 14:48:40 (événements : 42, objets : 306179, durée : 01:08:36)
12/12/2009 03:22:37 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
12/12/2009 02:35:18 Non réparés: Trojan-PSW.Win32.Agent.lta C:\Users\Jipeh\Desktop\WNX_private_WET_1.7_PBUNDETECTED.Rar/WNX_private_WET_1.7_PBUNDETECTED/WNX_private_1.7.exe Reporté
12/12/2009 02:35:18 Détectés: Trojan-PSW.Win32.Agent.lta C:\Users\Jipeh\Desktop\WNX_private_WET_1.7_PBUNDETECTED.Rar/WNX_private_WET_1.7_PBUNDETECTED/WNX_private_1.7.exe
12/12/2009 02:32:34 Non réparés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\VirtualStore\Windows\System32\net.net/PE_Patch.PECompact/PecBundle/PECompact Reporté
12/12/2009 02:32:33 Détectés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\VirtualStore\Windows\System32\net.net/PE_Patch.PECompact/PecBundle/PECompact
12/12/2009 02:32:15 Non réparés: Trojan-Mailfinder.Win32.Blen.le C:\Users\Jipeh\AppData\Local\Temp\~temp\aounml11\spoolsv.exe/PE_Patch.UPX/UPX Reporté
12/12/2009 02:32:15 Détectés: Trojan-Mailfinder.Win32.Blen.le C:\Users\Jipeh\AppData\Local\Temp\~temp\aounml11\spoolsv.exe/PE_Patch.UPX/UPX
12/12/2009 02:31:12 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\s326log.exe Reporté
12/12/2009 02:31:10 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\s326log.exe
12/12/2009 02:31:10 Non réparés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp/PE_Patch.PECompact/PecBundle/PECompact Reporté
12/12/2009 02:31:10 Détectés: Packed.Win32.PECompact C:\Users\Jipeh\AppData\Local\Temp\prun.tmp/PE_Patch.PECompact/PecBundle/PECompact
12/12/2009 02:31:10 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe Reporté
12/12/2009 02:31:06 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Temp\gijk40.exe
12/12/2009 02:27:17 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\rsvp.exe Reporté
12/12/2009 02:27:17 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\Microsoft\rsvp.exe
12/12/2009 02:27:13 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe Reporté
12/12/2009 02:27:10 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\AppData\Local\ieudinit.exe
12/12/2009 02:13:11 Non réparés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe Reporté
12/12/2009 02:13:07 Détectés: HEUR:Trojan.Win32.Generic C:\program files\Live-Player\uninst.exe
12/12/2009 02:12:43 Détectés: https://securelist.fr/ C:\program files\Java\jre1.6.0_01\bin\java.exe
12/12/2009 01:57:07 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
12/12/2009 01:43:40 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
12/12/2009 01:43:40 Protégé par un mot de passe C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RPIBB71.zip
12/12/2009 01:43:40 Non réparés: Trojan-PSW.Win32.Agent.lta C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RNZCJBI.Rar/WNX_private_WET_1.7_PBUNDETECTED/WNX_private_1.7.exe Reporté
12/12/2009 01:43:40 Détectés: Trojan-PSW.Win32.Agent.lta C:\$Recycle.Bin\S-1-5-21-4250453228-2727491811-2252994522-1000\$RNZCJBI.Rar/WNX_private_WET_1.7_PBUNDETECTED/WNX_private_1.7.exe
12/12/2009 01:43:33 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
12/12/2009 01:43:31 Détectés: https://securelist.fr/ C:\program files\itunes\itunes.exe
12/12/2009 01:43:30 Détectés: https://securelist.fr/ C:\program files\quicktime\quicktimeplayer.exe
12/12/2009 01:43:23 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
12/12/2009 01:43:11 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe Reporté
12/12/2009 01:43:11 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe
12/12/2009 01:42:54 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe Reporté
12/12/2009 01:42:54 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe
12/12/2009 01:42:39 Lancement de la tâche
12/12/2009 01:43:33 Détectés: https://securelist.fr/ C:\windows\system32\java.exe
12/12/2009 01:43:31 Détectés: https://securelist.fr/ C:\program files\itunes\itunes.exe
12/12/2009 01:43:30 Détectés: https://securelist.fr/ C:\program files\quicktime\quicktimeplayer.exe
12/12/2009 01:43:23 Détectés: https://securelist.fr/ C:\program files\adobe\reader 8.0\reader\acrord32.exe
12/12/2009 01:43:11 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe Reporté
12/12/2009 01:43:11 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\local settings\applic~1\micros~1\rsvp.exe
12/12/2009 01:42:54 Non réparés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe Reporté
12/12/2009 01:42:54 Détectés: HEUR:Worm.Win32.Generic C:\Users\Jipeh\LOCALS~1\APPLIC~1\MICROS~1\rsvp.exe
12/12/2009 01:42:39 Lancement de la tâche
Here is the SAS report:
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/
Generated 12/17/2009 at 04:17 PM
Application Version : 4.31.1000
Core Rules Database Version : 4383
Trace Rules Database Version: 2221
Scan type : Complete Scan
Total Scan Time : 01:06:10
Memory items scanned : 848
Memory threats detected : 0
Registry items scanned : 6410
Registry threats detected : 1
File items scanned : 34319
File threats detected : 136
Adware.Tracking Cookie
Trojan.DNSChanger-Codec
HKU\S-1-5-21-4250453228-2727491811-2252994522-1000\Software\fcn
Trojan.Dropper/Gen-NV
C:\USERS\JIPEH\APPDATA\LOCAL\IEUDINIT.EXE
Trojan.Agent/Gen-FraudLoad
C:\USERS\JIPEH\APPDATA\LOCAL\MICROSOFT\MSTSC.EXE
C:\USERS\JIPEH\APPDATA\LOCAL\MICROSOFT\RSVP.EXE
C:\USERS\JIPEH\APPDATA\LOCAL\TEMP\GIJK40.EXE
Trojan.Agent/Gen
C:\USERS\JIPEH\APPDATA\LOCAL\TEMP\PRUN.TMP
Trojan.SVCHost/Fake
C:\USERS\JIPEH\APPDATA\LOCAL\TEMP\~TEMP\TWPST03\SVCHOST.EXE
sherred - 17 Dec 2009 at 17:35
How is your PC behaving?
sherred - 17 Dec 2009 at 20:00
Download Malwarebytes' here: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
The program will update itself automatically.
If the file COMCTL32.OCX is missing, you can download it here:
https://www.malekal.com/tutorial-aboutbuster/
Once it is up to date, the program will launch; click the "Settings" tab and tick the box "Close Internet Explorer during removal".
Now click the "Scan" tab and tick the box "Perform a quick scan".
Then click "Scan".
Let it scan the PC...
If items were found > click "Remove selected".
If you are asked to restart > click "yes".
At the end a report will open; save it somewhere you can find it again so you can post it on the forum.
Copy and paste the report, please.
PS: the reports are also stored under the reports/logs tab.
Here is the report:
Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3382
Windows 6.0.6000
Internet Explorer 7.0.6000.16945
17/12/2009 21:24:54
mbam-log-2009-12-17 (21-24-54).txt
Type de recherche: Examen rapide
Eléments examinés: 98608
Temps écoulé: 8 minute(s), 4 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 48
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 12
Fichier(s) infecté(s): 44
Processus mémoire infecté(s):
C:\Program Files\Platrium\bin\1.2.103.0\Weather.exe (Adware.Zango) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\Program Files\Platrium\bin\1.2.103.0\WeSkin.dll (Adware.Zango) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\TypeLib\{cdc73256-a88d-4642-844e-a8f20b76789c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d1063603-f045-475f-afbc-8cba7d5797fb} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\brnstie.stock (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d53e4acf-edf5-4071-903b-f84b64fc1ea2} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d53e4acf-edf5-4071-903b-f84b64fc1ea2} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\brnstie.stock.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\platrium.platriumctrl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{973c90fe-13b7-4238-95a1-90f08e50eff8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e03ad987-6084-47c6-a881-c86de621ed6e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{04ec9f0b-636c-48b9-b521-4a9b2049e76e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{51f3187a-dd43-478a-b277-0c3180dd7e48} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6937e3a8-ce7a-458a-9221-f908ec3be5f8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{94eb08ef-c96f-425f-bcd3-4eb7c4847e56} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{94eb08ef-c96f-425f-bcd3-4eb7c4847e56} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b12aca14-c7fb-44fe-883b-6121fd02bad3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b12aca14-c7fb-44fe-883b-6121fd02bad3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b12aca14-c7fb-44fe-883b-6121fd02bad3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f38f103c-f23a-4f96-a721-53cfe734fdd4} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\platrium.platriumctrl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{243b60df-796c-409e-be55-0ad5c9710ba4} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{58448a35-efd0-42ef-8e5d-861e86368a7b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{753f2149-c51d-45db-a5fc-d9531f0a4ebd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9c9dd1ce-6444-4911-824b-e0e4f8694e03} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7930f8d2-1209-441c-81f1-3f2b853a65a8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{9ee1d732-eea1-4c42-9aa6-b1983efabbe2} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d78714d-2edc-4185-90a3-7f1809afb64e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{83ae1533-46ca-4733-a356-7ddea8f6a7df} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b3a91f5a-3966-4a9a-98d5-4ccfc71a5013} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8157edf8-b64d-4310-9eec-f5f0d8185258} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a01fd52f-5fac-4c11-a1a5-d2627efcb49a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0a11bbd4-090f-4ebc-b3a9-715fdc8badfe} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f23402f4-5d7b-4680-9bc2-2aa0f9746ae3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4c0bc3ac-6ddd-4992-bb0f-d5a0f497fdaa} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4c0bc3ac-6ddd-4992-bb0f-d5a0f497fdaa} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f7d65201-4d65-4450-b374-b5edaf55917e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63441363-d980-4d3a-8d17-591e8755ddf7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{81b44090-bf16-48da-ad55-7b744a4aa633} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8c60d7f6-14ed-4586-9fd2-de3aa7a69976} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d574d6e4-281d-4197-9b4c-b6b47b7a37f8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{06cf5e04-277c-4ee2-badf-4eea5ca8cb55} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{06cf5e04-277c-4ee2-badf-4eea5ca8cb55} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b072852b-8d9f-42c7-97d8-27d7529ff671} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b072852b-8d9f-42c7-97d8-27d7529ff671} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\platriumsa (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlatriumSA (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Platrium (Adware.Zango) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\oyzjdto (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\platriumweather (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{d53e4acf-edf5-4071-903b-f84b64fc1ea2} (Adware.Zango) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\ProgramData\62536224 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium (Adware.Zango) -> Delete on reboot.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\Weather_XML (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\Weather_XML (Adware.Zango) -> Quarantined and deleted successfully.
C:\ProgramData\PlatriumSA (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\PlatriumWeather (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Windows System Defender (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Users\Jipeh\Local Settings\Application Data\dtjapgcl_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Jipeh\Local Settings\Application Data\dtjapgcl_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Jipeh\Local Settings\Application Data\dtjapgcl.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Jipeh\Local Settings\Application Data\oyzjdto_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Jipeh\Local Settings\Application Data\oyzjdto_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Jipeh\Local Settings\Application Data\oyzjdto.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Users\Jipeh\Local Settings\Application Data\oyzjdto.exe (Adware.Navipromo.H) -> Delete on reboot.
c:\Users\Jipeh\AppData\Local\oyzjdto.exe (Trojan.Agent.H) -> Delete on reboot.
C:\Program Files\Platrium\bin\1.2.103.0\Weather.exe (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\BRNstIE.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\Platrium.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\SearchWeather.xml (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherStartup.xml (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\Links (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\WeatherPreferences (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\Weather_XML\Display (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\Weather_XML\Loading (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\Weather_XML\screen2 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\Weather_XML\screen3 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\WeatherDPA\Weather_XML\soaperror (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\Weather_XML\Default (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\Weather_XML\Genera1 (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Platrium\Weather\Weather_XML\General (Adware.Zango) -> Quarantined and deleted successfully.
C:\ProgramData\PlatriumSA\PlatriumSA.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\ProgramData\PlatriumSA\platriumsa.log (Adware.Zango) -> Quarantined and deleted successfully.
C:\ProgramData\PlatriumSA\PlatriumSAAbout.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\ProgramData\PlatriumSA\PlatriumSAau.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\ProgramData\PlatriumSA\PlatriumSAEula.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\ProgramData\PlatriumSA\PlatriumSA_kyf.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\about.ico (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\bc.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\CntntCntr.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\copyright.txt (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\CSBridge.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\customer.ico (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\games.ico (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\LaunchHelp.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\link.ico (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\PlatriumSAAX.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\PlatriumSADF.exe (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\PlatriumSAHook.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\PlatriumUninstaller.exe (Adware.Zango) -> Quarantined and deleted successfully.
C:\Program Files\Platrium\bin\1.2.103.0\WeSkin.dll (Adware.Zango) -> Quarantined and deleted successfully.
C:\Users\Jipeh\AppData\Roaming\Windows System Defender\cookies.sqlite (Rogue.WindowsSystemDefender) -> Quarantined and deleted successfully.
sherred
Posts
8346
Registration date
Saturday 26 January 2008
Status
Member
Last activity
25 March 2024
350
18 Dec 2009 at 06:46
That's better.
Now follow this whole procedure, in this order:
Ccleaner https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/
* In the Options menu, Advanced submenu, uncheck:
Only delete files in the Windows Temp folder older than 48 hours.
Run the cleanup:
Windows temporary files
Cookies, cache and history of Internet Explorer, Opera and Firefox
Windows recent documents
and then repair the registry.
-----------------------------
Download HijackThis http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
>> Save the target as .... "the Desktop", and rename HJTInstall.exe to, for example, HJT.exe
>> Double-click "HJT.exe" to launch the installation
>> Click Install, then "I Accept"
>> Click "Do a scan system and save log file"
>> Notepad will open; copy and paste its entire contents here in your next reply
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
--------------------------------------------------
Download AD-Remover (by Cyrildu17 / C_XX) to your desktop:
http://pagesperso-orange.fr/NosTools/ad_remover.html
/!\ Disconnect and close all running applications
● Double-click the installer and install it in its default location. ( C:\Program files )
● Double-click the Ad-remover icon on your desktop
● In the main menu, choose the "SCAN" option
● Post the report that appears at the end.
( the report is also saved as C:\Ad-report(date).log )
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
----------------------------------
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cpVobGk5bHnxrhQ4yaoEUDJvOYNnEGyYjgqHZz5GqZLfutR3fMFPlsC3-CGIilfupPAguYATNyua3csodN_frdMK8sSzUpit10Yac-QJCOkMqJKkbdKcP6ySs8trWPgoNVIq4TGGWCe6o0txXQv-ZueJF9vZzw3RXsGwFYIqN2lvF2LPdQzS8mE1d5kWOVOz6EMzQuE5-lClSJM869uq3oc7-t7yg%3D%3D&attredirects=3
* Start the installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:51:10, on 18/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\vsnpstd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Windows\system32\conime.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\Jipeh\AppData\Local\Temp\NERO14409\Setupx.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A597AFF0-45AF-4CC0-A185-1FC98B5A93D9}: NameServer = 192.168.1.1,192.168.1.0
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Program Files\Stardock\Object Desktop\DeskScapes\deskscapes.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DreamControl.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
sherred, 18 Dec. 2009 at 17:14
Disconnect and close all running applications!
* Run "Ad-remover" again: in the main menu, choose the "nettoyage" (cleaning) option.
--> the program will do its work ...
* Post the report that appears at the end + a new HijackThis log for analysis ...
(the report is also saved as C:\Ad-report.log)
/!\ If the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm /!\
On Vista, disable User Account Control (re-enable it at the end of the disinfection):
Go to Start, then Control Panel
Double-click the "User Accounts" icon
Then click disable and confirm.
then
right-click the Ad-remover shortcut and choose Run as administrator
--------------
restart and
Run option 2 of ToolBar S&D.
--------
then make me a new HijackThis report
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.12.2009 à 20:37
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:05:25, 19/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium v6.0.6000
Nom du PC: PC-DE-JIPEH | Utilisateur actuel: Jipeh
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Platrium
C:\Program Files\Ask Search Assistant
C:\Program Files\Everest Poker
C:\Program Files\Live-Player
C:\Users\Jipeh\AppData\Roaming\live-player
C:\Users\Jipeh\AppData\LocalLow\Platrium
C:\Users\Jipeh\Desktop\Mes jeux\Everest Poker.lnk
C:\Users\Jipeh\AppData\Local\hjdfh.bat
C:\Users\Jipeh\AppData\Local\iserdo.bat
(!) -- Fichiers temporaires supprimés.
.
HKCU\software\appdatalow\software\Platrium
HKCU\software\Grand Virtual
HKCU\software\Live-Player
HKLM\Software\Classes\CLSID\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Classes\Interface\{22836813-E012-4A02-877F-4A88D85CD260}
HKLM\Software\Classes\Interface\{B1E8E5CF-EC04-4BA3-8309-E6B5B7B9F294}
HKLM\software\classes\Platrium.CsAx
HKLM\software\classes\Platrium.CsAx.1
HKLM\software\classes\Platrium.IEButton
HKLM\software\classes\Platrium.IEButton.1
HKLM\software\classes\Platrium.IEButtonA
HKLM\software\classes\Platrium.IEButtonA.1
HKLM\software\classes\Platrium.IEButtonB
HKLM\software\classes\Platrium.IEButtonB.1
HKLM\software\classes\Platrium.InfoBand
HKLM\software\classes\Platrium.InfoBand.1
HKLM\software\classes\PlatriumAX.ClientDetector
HKLM\software\classes\PlatriumAX.ClientDetector.1
HKLM\software\classes\PlatriumAX.UserProfiles
HKLM\software\classes\PlatriumAX.UserProfiles.1
HKLM\software\classes\PlatriumWeather.WeatherController
HKLM\software\classes\PlatriumWeather.WeatherController.1
HKLM\Software\Classes\TypeLib\{7E824994-D0DC-4721-8199-B5C4AE3B55CF}
HKLM\Software\Classes\TypeLib\{858F2BC5-6BBE-4DCE-ACC3-34F2C3339F23}
HKLM\Software\Classes\TypeLib\{FF9D5F92-A88B-44FD-BCE1-9641815F0BA0}
HKLM\software\Live-Player
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\\Platrium 1.2.103.0
HKLM\software\microsoft\windows\currentversion\uninstall\Everest Poker
HKLM\software\microsoft\windows\currentversion\uninstall\kadsp
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.16 [fr] *
.
Nom du profil: 0q11y023.default (Jipeh)
.
(Jipeh, prefs.js) Browser.download.dir, C:\Users\Jipeh\Downloads
(Jipeh, prefs.js) Browser.download.lastDir, C:\Users\Jipeh\Desktop
(Jipeh, prefs.js) Extensions.enabledItems, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.16,{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.66
.
.
.
* Internet Explorer Version 7.0.6000.16945 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Users\All Users\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
C:\Users\Jipeh\Desktop\Installation logiciels\Nero.8.Ultra.Edition.v8.2.8.0.FR.Incl-Keygen.cap-divx.com.rar
.
===================================
.
4565 Octet(s) - C:\Ad-Report-CLEAN[1].log
515 Octet(s) - C:\Ad-Report-SCAN[1].log
4934 Octet(s) - C:\Ad-Report-SCAN[2].log
.
0 Fichier(s) - C:\Users\Jipeh\AppData\Local\Temp
2 Fichier(s) - C:\Windows\Temp
8 Fichier(s) - C:\Windows\Prefetch
.
22 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
80 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 13:19:37 | 19/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.
----------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:18, on 19/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\vsnpstd.exe
C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
C:\Windows\system32\schtasks.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\hp\kbd\kbd.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\Jipeh\AppData\Local\Temp\NERO14409\Setupx.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A597AFF0-45AF-4CC0-A185-1FC98B5A93D9}: NameServer = 192.168.1.1,192.168.1.0
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Program Files\Stardock\Object Desktop\DeskScapes\deskscapes.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DreamControl.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 17.12.2009 à 20:37
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:05:25, 19/12/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium v6.0.6000
Nom du PC: PC-DE-JIPEH | Utilisateur actuel: Jipeh
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Live-Player
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Platrium
C:\Program Files\Ask Search Assistant
C:\Program Files\Everest Poker
C:\Program Files\Live-Player
C:\Users\Jipeh\AppData\Roaming\live-player
C:\Users\Jipeh\AppData\LocalLow\Platrium
C:\Users\Jipeh\Desktop\Mes jeux\Everest Poker.lnk
C:\Users\Jipeh\AppData\Local\hjdfh.bat
C:\Users\Jipeh\AppData\Local\iserdo.bat
(!) -- Fichiers temporaires supprimés.
.
HKCU\software\appdatalow\software\Platrium
HKCU\software\Grand Virtual
HKCU\software\Live-Player
HKLM\Software\Classes\CLSID\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Classes\Interface\{22836813-E012-4A02-877F-4A88D85CD260}
HKLM\Software\Classes\Interface\{B1E8E5CF-EC04-4BA3-8309-E6B5B7B9F294}
HKLM\software\classes\Platrium.CsAx
HKLM\software\classes\Platrium.CsAx.1
HKLM\software\classes\Platrium.IEButton
HKLM\software\classes\Platrium.IEButton.1
HKLM\software\classes\Platrium.IEButtonA
HKLM\software\classes\Platrium.IEButtonA.1
HKLM\software\classes\Platrium.IEButtonB
HKLM\software\classes\Platrium.IEButtonB.1
HKLM\software\classes\Platrium.InfoBand
HKLM\software\classes\Platrium.InfoBand.1
HKLM\software\classes\PlatriumAX.ClientDetector
HKLM\software\classes\PlatriumAX.ClientDetector.1
HKLM\software\classes\PlatriumAX.UserProfiles
HKLM\software\classes\PlatriumAX.UserProfiles.1
HKLM\software\classes\PlatriumWeather.WeatherController
HKLM\software\classes\PlatriumWeather.WeatherController.1
HKLM\Software\Classes\TypeLib\{7E824994-D0DC-4721-8199-B5C4AE3B55CF}
HKLM\Software\Classes\TypeLib\{858F2BC5-6BBE-4DCE-ACC3-34F2C3339F23}
HKLM\Software\Classes\TypeLib\{FF9D5F92-A88B-44FD-BCE1-9641815F0BA0}
HKLM\software\Live-Player
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\\Platrium 1.2.103.0
HKLM\software\microsoft\windows\currentversion\uninstall\Everest Poker
HKLM\software\microsoft\windows\currentversion\uninstall\kadsp
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.16 [fr] *
.
Nom du profil: 0q11y023.default (Jipeh)
.
(Jipeh, prefs.js) Browser.download.dir, C:\Users\Jipeh\Downloads
(Jipeh, prefs.js) Browser.download.lastDir, C:\Users\Jipeh\Desktop
(Jipeh, prefs.js) Extensions.enabledItems, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.16,{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.66
.
.
.
* Internet Explorer Version 7.0.6000.16945 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Users\All Users\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
C:\Users\Jipeh\Desktop\Installation logiciels\Nero.8.Ultra.Edition.v8.2.8.0.FR.Incl-Keygen.cap-divx.com.rar
.
===================================
.
4565 Octet(s) - C:\Ad-Report-CLEAN[1].log
515 Octet(s) - C:\Ad-Report-SCAN[1].log
4934 Octet(s) - C:\Ad-Report-SCAN[2].log
.
0 Fichier(s) - C:\Users\Jipeh\AppData\Local\Temp
2 Fichier(s) - C:\Windows\Temp
8 Fichier(s) - C:\Windows\Prefetch
.
22 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
80 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 13:19:37 | 19/12/2009 - CLEAN[1]
.
============== E.O.F ==============
.
----------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:18, on 19/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\vsnpstd.exe
C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
C:\Windows\system32\schtasks.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\hp\kbd\kbd.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\Jipeh\AppData\Local\Temp\NERO14409\Setupx.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A597AFF0-45AF-4CC0-A185-1FC98B5A93D9}: NameServer = 192.168.1.1,192.168.1.0
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\Program Files\Stardock\Object Desktop\DeskScapes\deskscapes.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\Program Files\Stardock\Object Desktop\DeskScapes\DreamControl.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
sherred - 20 Dec. 2009 at 08:26
You have traces of Norton.
Use the Norton uninstall utility to remove everything: Norton Removal Tool
http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
To be run in Safe Mode.
How is your PC behaving?