Infection
laurent91130
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
j'ai des problemes pour me connecter,en cliquant sur des liens.
souvent ,lorsque je clique,internet se coupe puis reprend,ce qui fait que je ne peux avoir acces a certains sites.
sans compter les spams de pub dont je n'arrive pas a me defaire....
merci pour votre aide
cordialement
Logfile of random's system information tool 1.06 (written by random/random)
Run by Michon at 2010-01-04 10:23:56
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 186 GB (63%) free of 295 GB
Total RAM: 3325 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:02, on 04/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Registry Mechanic\RMTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Michon\Desktop\RSIT.exe
C:\Program Files\trend micro\Michon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5260\ACEIEAddOn.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MDDC; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www8.agame.com/games/shockwave/r/r-style_supreme/r-style_supreme_jeu_fr.htm"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD0728E6-6908-4387-B76B-836CA23D302C}: NameServer = 86.64.145.147 84.103.237.147
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Service Google Update (gupdate1c9d87378fba237) (gupdate1c9d87378fba237) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: QuestService Service - Unknown owner - C:\ProgramData\QuestService\questservice129.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
j'ai des problemes pour me connecter,en cliquant sur des liens.
souvent ,lorsque je clique,internet se coupe puis reprend,ce qui fait que je ne peux avoir acces a certains sites.
sans compter les spams de pub dont je n'arrive pas a me defaire....
merci pour votre aide
cordialement
Logfile of random's system information tool 1.06 (written by random/random)
Run by Michon at 2010-01-04 10:23:56
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 186 GB (63%) free of 295 GB
Total RAM: 3325 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:24:02, on 04/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Registry Mechanic\RMTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Michon\Desktop\RSIT.exe
C:\Program Files\trend micro\Michon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5260\ACEIEAddOn.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1990\CMWIE.dll
O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1810\TCPIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MDDC; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www8.agame.com/games/shockwave/r/r-style_supreme/r-style_supreme_jeu_fr.htm"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD0728E6-6908-4387-B76B-836CA23D302C}: NameServer = 86.64.145.147 84.103.237.147
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Service Google Update (gupdate1c9d87378fba237) (gupdate1c9d87378fba237) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: QuestService Service - Unknown owner - C:\ProgramData\QuestService\questservice129.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
49 réponses
le rapport toolbar sd:
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Michon ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:288 Go (Free:186 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:4 Go)
E:\ (CD or DVD) - UDF - Total:5 Go (Free:0 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 07/01/2010|18:55 )
[ UAC => 0 ]
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\System32\\blank.htm"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
-----------\\ ToolBar S&D 1.2.9 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Michon ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:288 Go (Free:186 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:4 Go)
E:\ (CD or DVD) - UDF - Total:5 Go (Free:0 Go)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 07/01/2010|18:55 )
[ UAC => 0 ]
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page Redirect Cache"="https://www.msn.com/fr-fr?ocid=iehp"
"Search bar"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\System32\\blank.htm"
"Search bar"="http://www.bing.com/spresults.aspx"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[ UAC => 1 ]
autre rapport:
############################## | UsbFix V6.071 |
User : Michon (Administrateurs) # PC-DE-MICHON
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 19:01:58 | 07/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 288,02 Go (186,01 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 10 Go (4,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM # 5,48 Go (0 Mo free) [Sims3EP01] # UDF
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 3,72 Go (2,12 Go free) [KINGSTON] # FAT32
############################## | Processus actifs |
C:\Windows\System32\smss.exe 492
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\wininit.exe 620
C:\Windows\system32\csrss.exe 632
C:\Program Files\AVG\AVG9\avgchsvx.exe 644
C:\Program Files\AVG\AVG9\avgrsx.exe 652
C:\Windows\system32\services.exe 712
C:\Program Files\AVG\AVG9\avgcsrvx.exe 728
C:\Windows\system32\lsass.exe 744
C:\Windows\system32\lsm.exe 752
C:\Windows\system32\winlogon.exe 1012
C:\Windows\system32\svchost.exe 1140
C:\Windows\system32\svchost.exe 1200
C:\Windows\system32\Ati2evxx.exe 1336
C:\Windows\System32\svchost.exe 1360
C:\Windows\System32\svchost.exe 1384
C:\Windows\system32\svchost.exe 1412
C:\Windows\system32\svchost.exe 1540
C:\Windows\system32\SLsvc.exe 1564
C:\Windows\system32\svchost.exe 1592
C:\Program Files\Dell\DellDock\DockLogin.exe 1708
C:\Windows\system32\Ati2evxx.exe 1720
C:\Windows\system32\svchost.exe 1808
C:\Windows\System32\spoolsv.exe 2008
C:\Windows\system32\svchost.exe 2036
C:\Windows\system32\taskeng.exe 2124
C:\Windows\system32\Dwm.exe 2136
C:\Windows\Explorer.EXE 2180
C:\Windows\system32\taskeng.exe 2216
C:\Program Files\Dell\DellDock\DellDock.exe 2308
C:\Windows\system32\conime.exe 2460
C:\Windows\RtHDVCpl.exe 2540
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE 2624
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 2660
C:\Program Files\Common Files\Real\Update_OB\realsched.exe 2708
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe 2716
C:\Program Files\AVG\AVG9\avgtray.exe 2728
C:\Program Files\Java\jre6\bin\jusched.exe 2792
C:\Program Files\Windows Sidebar\sidebar.exe 2868
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2884
C:\Windows\ehome\ehtray.exe 2916
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2928
C:\Windows\ehome\ehmsas.exe 3024
C:\Program Files\Electronic Arts\EADM\Core.exe 3036
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe 3052
C:\Program Files\Windows Media Player\wmpnscfg.exe 3076
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3308
C:\Program Files\Registry Mechanic\regmech.exe 3336
C:\Program Files\AVG\AVG9\avgwdsvc.exe 2380
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE 1520
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE 2320
C:\Windows\system32\FsUsbExService.Exe 2520
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE 2748
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE 2876
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe 3324
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe 3452
C:\Windows\system32\svchost.exe 3556
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2844
C:\Program Files\AVG\AVG9\avgnsx.exe 3612
C:\Windows\system32\svchost.exe 3856
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe 3792
C:\Windows\System32\svchost.exe 2340
C:\Windows\system32\SearchIndexer.exe 4088
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 1628
C:\Windows\system32\WUDFHost.exe 4152
C:\Program Files\Windows Media Player\wmpnetwk.exe 4364
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe 4404
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe 4800
C:\Program Files\Windows Mail\WinMail.exe 5024
C:\Program Files\Dell Support Center\bin\sprtsvc.exe 5912
C:\Program Files\Internet Explorer\iexplore.exe 5832
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1904
C:\Windows\system32\taskeng.exe 5744
C:\Windows\system32\wbem\wmiprvse.exe 4748
################## | Elements infectieux |
E:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{a9612469-fa8b-11dd-a92e-806e6f6e6963}
shell\AutoRun\command =E:\Autorun.exe
HKCU\..\..\Explorer\MountPoints2\{bb0cf908-d1d8-11de-8b05-e5d9022f5fa5}
shell\AutoRun\command =J:\LaunchU3.exe -a
################## | Cracks > Keygens > Serials |
################## | ! Fin du rapport # UsbFix V6.071 ! |
############################## | UsbFix V6.071 |
User : Michon (Administrateurs) # PC-DE-MICHON
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 19:01:58 | 07/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 288,02 Go (186,01 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 10 Go (4,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM # 5,48 Go (0 Mo free) [Sims3EP01] # UDF
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 3,72 Go (2,12 Go free) [KINGSTON] # FAT32
############################## | Processus actifs |
C:\Windows\System32\smss.exe 492
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\wininit.exe 620
C:\Windows\system32\csrss.exe 632
C:\Program Files\AVG\AVG9\avgchsvx.exe 644
C:\Program Files\AVG\AVG9\avgrsx.exe 652
C:\Windows\system32\services.exe 712
C:\Program Files\AVG\AVG9\avgcsrvx.exe 728
C:\Windows\system32\lsass.exe 744
C:\Windows\system32\lsm.exe 752
C:\Windows\system32\winlogon.exe 1012
C:\Windows\system32\svchost.exe 1140
C:\Windows\system32\svchost.exe 1200
C:\Windows\system32\Ati2evxx.exe 1336
C:\Windows\System32\svchost.exe 1360
C:\Windows\System32\svchost.exe 1384
C:\Windows\system32\svchost.exe 1412
C:\Windows\system32\svchost.exe 1540
C:\Windows\system32\SLsvc.exe 1564
C:\Windows\system32\svchost.exe 1592
C:\Program Files\Dell\DellDock\DockLogin.exe 1708
C:\Windows\system32\Ati2evxx.exe 1720
C:\Windows\system32\svchost.exe 1808
C:\Windows\System32\spoolsv.exe 2008
C:\Windows\system32\svchost.exe 2036
C:\Windows\system32\taskeng.exe 2124
C:\Windows\system32\Dwm.exe 2136
C:\Windows\Explorer.EXE 2180
C:\Windows\system32\taskeng.exe 2216
C:\Program Files\Dell\DellDock\DellDock.exe 2308
C:\Windows\system32\conime.exe 2460
C:\Windows\RtHDVCpl.exe 2540
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE 2624
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 2660
C:\Program Files\Common Files\Real\Update_OB\realsched.exe 2708
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe 2716
C:\Program Files\AVG\AVG9\avgtray.exe 2728
C:\Program Files\Java\jre6\bin\jusched.exe 2792
C:\Program Files\Windows Sidebar\sidebar.exe 2868
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2884
C:\Windows\ehome\ehtray.exe 2916
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2928
C:\Windows\ehome\ehmsas.exe 3024
C:\Program Files\Electronic Arts\EADM\Core.exe 3036
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe 3052
C:\Program Files\Windows Media Player\wmpnscfg.exe 3076
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3308
C:\Program Files\Registry Mechanic\regmech.exe 3336
C:\Program Files\AVG\AVG9\avgwdsvc.exe 2380
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE 1520
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE 2320
C:\Windows\system32\FsUsbExService.Exe 2520
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE 2748
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE 2876
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe 3324
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe 3452
C:\Windows\system32\svchost.exe 3556
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2844
C:\Program Files\AVG\AVG9\avgnsx.exe 3612
C:\Windows\system32\svchost.exe 3856
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe 3792
C:\Windows\System32\svchost.exe 2340
C:\Windows\system32\SearchIndexer.exe 4088
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 1628
C:\Windows\system32\WUDFHost.exe 4152
C:\Program Files\Windows Media Player\wmpnetwk.exe 4364
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe 4404
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe 4800
C:\Program Files\Windows Mail\WinMail.exe 5024
C:\Program Files\Dell Support Center\bin\sprtsvc.exe 5912
C:\Program Files\Internet Explorer\iexplore.exe 5832
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1904
C:\Windows\system32\taskeng.exe 5744
C:\Windows\system32\wbem\wmiprvse.exe 4748
################## | Elements infectieux |
E:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{a9612469-fa8b-11dd-a92e-806e6f6e6963}
shell\AutoRun\command =E:\Autorun.exe
HKCU\..\..\Explorer\MountPoints2\{bb0cf908-d1d8-11de-8b05-e5d9022f5fa5}
shell\AutoRun\command =J:\LaunchU3.exe -a
################## | Cracks > Keygens > Serials |
################## | ! Fin du rapport # UsbFix V6.071 ! |
autre rapport:
############################## | UsbFix V6.071 |
User : Michon (Administrateurs) # PC-DE-MICHON
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 19:01:58 | 07/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 288,02 Go (186,01 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 10 Go (4,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM # 5,48 Go (0 Mo free) [Sims3EP01] # UDF
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 3,72 Go (2,12 Go free) [KINGSTON] # FAT32
############################## | Processus actifs |
C:\Windows\System32\smss.exe 492
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\wininit.exe 620
C:\Windows\system32\csrss.exe 632
C:\Program Files\AVG\AVG9\avgchsvx.exe 644
C:\Program Files\AVG\AVG9\avgrsx.exe 652
C:\Windows\system32\services.exe 712
C:\Program Files\AVG\AVG9\avgcsrvx.exe 728
C:\Windows\system32\lsass.exe 744
C:\Windows\system32\lsm.exe 752
C:\Windows\system32\winlogon.exe 1012
C:\Windows\system32\svchost.exe 1140
C:\Windows\system32\svchost.exe 1200
C:\Windows\system32\Ati2evxx.exe 1336
C:\Windows\System32\svchost.exe 1360
C:\Windows\System32\svchost.exe 1384
C:\Windows\system32\svchost.exe 1412
C:\Windows\system32\svchost.exe 1540
C:\Windows\system32\SLsvc.exe 1564
C:\Windows\system32\svchost.exe 1592
C:\Program Files\Dell\DellDock\DockLogin.exe 1708
C:\Windows\system32\Ati2evxx.exe 1720
C:\Windows\system32\svchost.exe 1808
C:\Windows\System32\spoolsv.exe 2008
C:\Windows\system32\svchost.exe 2036
C:\Windows\system32\taskeng.exe 2124
C:\Windows\system32\Dwm.exe 2136
C:\Windows\Explorer.EXE 2180
C:\Windows\system32\taskeng.exe 2216
C:\Program Files\Dell\DellDock\DellDock.exe 2308
C:\Windows\system32\conime.exe 2460
C:\Windows\RtHDVCpl.exe 2540
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE 2624
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 2660
C:\Program Files\Common Files\Real\Update_OB\realsched.exe 2708
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe 2716
C:\Program Files\AVG\AVG9\avgtray.exe 2728
C:\Program Files\Java\jre6\bin\jusched.exe 2792
C:\Program Files\Windows Sidebar\sidebar.exe 2868
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2884
C:\Windows\ehome\ehtray.exe 2916
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2928
C:\Windows\ehome\ehmsas.exe 3024
C:\Program Files\Electronic Arts\EADM\Core.exe 3036
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe 3052
C:\Program Files\Windows Media Player\wmpnscfg.exe 3076
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3308
C:\Program Files\Registry Mechanic\regmech.exe 3336
C:\Program Files\AVG\AVG9\avgwdsvc.exe 2380
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE 1520
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE 2320
C:\Windows\system32\FsUsbExService.Exe 2520
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE 2748
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE 2876
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe 3324
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe 3452
C:\Windows\system32\svchost.exe 3556
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2844
C:\Program Files\AVG\AVG9\avgnsx.exe 3612
C:\Windows\system32\svchost.exe 3856
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe 3792
C:\Windows\System32\svchost.exe 2340
C:\Windows\system32\SearchIndexer.exe 4088
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 1628
C:\Windows\system32\WUDFHost.exe 4152
C:\Program Files\Windows Media Player\wmpnetwk.exe 4364
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe 4404
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe 4800
C:\Program Files\Windows Mail\WinMail.exe 5024
C:\Program Files\Dell Support Center\bin\sprtsvc.exe 5912
C:\Program Files\Internet Explorer\iexplore.exe 5832
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1904
C:\Windows\system32\taskeng.exe 5744
C:\Windows\system32\wbem\wmiprvse.exe 4748
################## | Elements infectieux |
E:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{a9612469-fa8b-11dd-a92e-806e6f6e6963}
shell\AutoRun\command =E:\Autorun.exe
HKCU\..\..\Explorer\MountPoints2\{bb0cf908-d1d8-11de-8b05-e5d9022f5fa5}
shell\AutoRun\command =J:\LaunchU3.exe -a
################## | Cracks > Keygens > Serials |
################## | ! Fin du rapport # UsbFix V6.071 ! |
############################## | UsbFix V6.071 |
User : Michon (Administrateurs) # PC-DE-MICHON
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 19:01:58 | 07/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 288,02 Go (186,01 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 10 Go (4,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM # 5,48 Go (0 Mo free) [Sims3EP01] # UDF
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 3,72 Go (2,12 Go free) [KINGSTON] # FAT32
############################## | Processus actifs |
C:\Windows\System32\smss.exe 492
C:\Windows\system32\csrss.exe 560
C:\Windows\system32\wininit.exe 620
C:\Windows\system32\csrss.exe 632
C:\Program Files\AVG\AVG9\avgchsvx.exe 644
C:\Program Files\AVG\AVG9\avgrsx.exe 652
C:\Windows\system32\services.exe 712
C:\Program Files\AVG\AVG9\avgcsrvx.exe 728
C:\Windows\system32\lsass.exe 744
C:\Windows\system32\lsm.exe 752
C:\Windows\system32\winlogon.exe 1012
C:\Windows\system32\svchost.exe 1140
C:\Windows\system32\svchost.exe 1200
C:\Windows\system32\Ati2evxx.exe 1336
C:\Windows\System32\svchost.exe 1360
C:\Windows\System32\svchost.exe 1384
C:\Windows\system32\svchost.exe 1412
C:\Windows\system32\svchost.exe 1540
C:\Windows\system32\SLsvc.exe 1564
C:\Windows\system32\svchost.exe 1592
C:\Program Files\Dell\DellDock\DockLogin.exe 1708
C:\Windows\system32\Ati2evxx.exe 1720
C:\Windows\system32\svchost.exe 1808
C:\Windows\System32\spoolsv.exe 2008
C:\Windows\system32\svchost.exe 2036
C:\Windows\system32\taskeng.exe 2124
C:\Windows\system32\Dwm.exe 2136
C:\Windows\Explorer.EXE 2180
C:\Windows\system32\taskeng.exe 2216
C:\Program Files\Dell\DellDock\DellDock.exe 2308
C:\Windows\system32\conime.exe 2460
C:\Windows\RtHDVCpl.exe 2540
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE 2624
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 2660
C:\Program Files\Common Files\Real\Update_OB\realsched.exe 2708
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe 2716
C:\Program Files\AVG\AVG9\avgtray.exe 2728
C:\Program Files\Java\jre6\bin\jusched.exe 2792
C:\Program Files\Windows Sidebar\sidebar.exe 2868
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2884
C:\Windows\ehome\ehtray.exe 2916
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2928
C:\Windows\ehome\ehmsas.exe 3024
C:\Program Files\Electronic Arts\EADM\Core.exe 3036
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe 3052
C:\Program Files\Windows Media Player\wmpnscfg.exe 3076
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3308
C:\Program Files\Registry Mechanic\regmech.exe 3336
C:\Program Files\AVG\AVG9\avgwdsvc.exe 2380
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE 1520
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE 2320
C:\Windows\system32\FsUsbExService.Exe 2520
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE 2748
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE 2876
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe 3324
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe 3452
C:\Windows\system32\svchost.exe 3556
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 2844
C:\Program Files\AVG\AVG9\avgnsx.exe 3612
C:\Windows\system32\svchost.exe 3856
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe 3792
C:\Windows\System32\svchost.exe 2340
C:\Windows\system32\SearchIndexer.exe 4088
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 1628
C:\Windows\system32\WUDFHost.exe 4152
C:\Program Files\Windows Media Player\wmpnetwk.exe 4364
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe 4404
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe 4800
C:\Program Files\Windows Mail\WinMail.exe 5024
C:\Program Files\Dell Support Center\bin\sprtsvc.exe 5912
C:\Program Files\Internet Explorer\iexplore.exe 5832
C:\Program Files\Windows Live\Toolbar\wltuser.exe 1904
C:\Windows\system32\taskeng.exe 5744
C:\Windows\system32\wbem\wmiprvse.exe 4748
################## | Elements infectieux |
E:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{a9612469-fa8b-11dd-a92e-806e6f6e6963}
shell\AutoRun\command =E:\Autorun.exe
HKCU\..\..\Explorer\MountPoints2\{bb0cf908-d1d8-11de-8b05-e5d9022f5fa5}
shell\AutoRun\command =J:\LaunchU3.exe -a
################## | Cracks > Keygens > Serials |
################## | ! Fin du rapport # UsbFix V6.071 ! |
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
bonsoir laurent
désolé pour l'attente
relance usbfix
# choisi l'option 2 ( Suppression )
# Ton bureau disparaîtra et le pc redémarrera .
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
# Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau .
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
# ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
# :!: UsbFix te proposera d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097
# Ce dossier a été créé par UsbFix et est enregistré sur ton bureau.
# Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.
# Merci d'avance pour ta contribution !!
-----------------------------------------------------------------------------
Télécharge Ccleaner avec un tuto
Fais le nettoyage et recherche les erreurs du registre comme expliqué en bas du tutoriel.
---------------------------------------------------------------------
j'attends réponse pour supprimer f-sécure , il va falloir être patient
-------------------------------------------------------------------------
fait un scan hijackthis , merci
* Télécharge hijackthis
* Tout est expliqué pour bien l installer et savoir l'utiliser.
Comment copier/coller le rapport :
Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
Ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
désolé pour l'attente
relance usbfix
# choisi l'option 2 ( Suppression )
# Ton bureau disparaîtra et le pc redémarrera .
# Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.
# Ensuite post le rapport UsbFix.txt qui apparaîtra avec le bureau .
# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )
# ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
# :!: UsbFix te proposera d'uploader un dossier compressé à cette adresse : https://www.ionos.fr/?affiliate_id=77097
# Ce dossier a été créé par UsbFix et est enregistré sur ton bureau.
# Merci de l'envoyer à l'adresse indiquée afin d'aider l'auteur de UsbFix dans ses recherches.
# Merci d'avance pour ta contribution !!
-----------------------------------------------------------------------------
Télécharge Ccleaner avec un tuto
Fais le nettoyage et recherche les erreurs du registre comme expliqué en bas du tutoriel.
---------------------------------------------------------------------
j'attends réponse pour supprimer f-sécure , il va falloir être patient
-------------------------------------------------------------------------
fait un scan hijackthis , merci
* Télécharge hijackthis
* Tout est expliqué pour bien l installer et savoir l'utiliser.
Comment copier/coller le rapport :
Quand tu as le rapport à l écran, tu fais ctrl A pour "sélectionner tout" puis ctrl C pour "copier".
Ensuite tu viens sur le forum pour me répondre et tu fais ctrl V pour "coller" le rapport.
re
j'ai trouvé ceci pour F-Secure
lis attentivement avant l'exécution
http://www.vista-xp.fr/forum/topic2765.html
j'ai trouvé ceci pour F-Secure
lis attentivement avant l'exécution
http://www.vista-xp.fr/forum/topic2765.html
merci pour ta patience.
rapport usb fix:
######################## | UsbFix V6.071 |
User : Michon (Administrateurs) # PC-DE-MICHON
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:59:57 | 08/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 288,02 Go (181,34 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 10 Go (4,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 3,72 Go (2,12 Go free) [KINGSTON] # FAT32
############################## | Processus actifs |
C:\Windows\System32\smss.exe 492
C:\Windows\system32\csrss.exe 576
C:\Windows\system32\wininit.exe 636
C:\Windows\system32\csrss.exe 648
C:\Program Files\AVG\AVG9\avgchsvx.exe 660
C:\Program Files\AVG\AVG9\avgrsx.exe 668
C:\Windows\system32\services.exe 712
C:\Windows\system32\lsass.exe 732
C:\Windows\system32\lsm.exe 744
C:\Program Files\AVG\AVG9\avgcsrvx.exe 760
C:\Windows\system32\winlogon.exe 1028
C:\Windows\system32\svchost.exe 1184
C:\Windows\system32\svchost.exe 1248
C:\Windows\system32\Ati2evxx.exe 1416
C:\Windows\System32\svchost.exe 1448
C:\Windows\System32\svchost.exe 1472
C:\Windows\system32\svchost.exe 1484
C:\Windows\system32\svchost.exe 1612
C:\Windows\system32\SLsvc.exe 1632
C:\Windows\system32\svchost.exe 1668
C:\Program Files\Dell\DellDock\DockLogin.exe 1792
C:\Windows\system32\Ati2evxx.exe 1824
C:\Windows\system32\svchost.exe 1912
C:\Windows\System32\spoolsv.exe 340
C:\Windows\system32\svchost.exe 364
C:\Windows\system32\taskeng.exe 2060
C:\Windows\system32\Dwm.exe 2088
C:\Windows\Explorer.EXE 2128
C:\Windows\system32\taskeng.exe 2176
C:\Program Files\Google\Update\GoogleUpdate.exe 2196
C:\Program Files\Dell\DellDock\DellDock.exe 2248
C:\Windows\system32\conime.exe 2348
C:\Program Files\AVG\AVG9\avgwdsvc.exe 2676
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE 2704
C:\Windows\system32\FsUsbExService.Exe 2724
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE 2732
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE 2780
C:\Program Files\Google\Update\GoogleUpdate.exe 3000
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE 3036
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe 3084
C:\Windows\system32\svchost.exe 3148
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe 3164
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3172
C:\Windows\system32\svchost.exe 3216
C:\Program Files\Google\Update\GoogleUpdate.exe 3264
C:\Windows\System32\svchost.exe 3316
C:\Program Files\Winsudate\gibsvc.exe 3568
C:\Program Files\AVG\AVG9\avgnsx.exe 3616
C:\Windows\system32\SearchIndexer.exe 3696
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3836
C:\Windows\system32\WUDFHost.exe 3928
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe 2072
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe 2468
C:\Windows\system32\runonce.exe 1312
C:\Windows\system32\wbem\wmiprvse.exe 2356
################## | Elements infectieux |
Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3395499582-3656299844-1299793059-500
Supprimé ! D:\$Recycle.Bin\S-1-5-18
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-500
################## | Registre |
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{bb0cf908-d1d8-11de-8b05-e5d9022f5fa5}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[04/01/2010 13:47|--a------|7716] C:\Ad-Report-CLEAN[1].log
[07/07/2009 14:56|--a------|0] C:\AILog.txt
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr
[18/09/2006 22:43|--a------|10] C:\config.sys
[14/02/2009 20:33|-rah-----|4850] C:\dell.sdr
[?|?|?] C:\hiberfil.sys
[27/11/2009 15:38|-rahs----|0] C:\IO.SYS
[27/11/2009 15:38|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[07/01/2010 18:56|--a------|2133] C:\TB.txt
[08/01/2010 18:02|--a------|4539] C:\UsbFix.txt
[17/11/2009 12:41|--a------|723742720] J:\Dieudonne - Cocorico a Bobino.avi
[17/11/2009 13:35|--a------|991786662] J:\Dieudonne - J'ai Fait l'Con.avi
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
################## | Crack > Keygen > Serial |
################## | Upload |
Veuillez envoyer le fichier : C:\Users\Michon\Desktop\UsbFix_Upload_Me_PC-de-Michon.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.071 ! |
rapport usb fix:
######################## | UsbFix V6.071 |
User : Michon (Administrateurs) # PC-DE-MICHON
Update on 06/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 17:59:57 | 08/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Disabled
C:\ -> Disque fixe local # 288,02 Go (181,34 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 10 Go (4,37 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 3,72 Go (2,12 Go free) [KINGSTON] # FAT32
############################## | Processus actifs |
C:\Windows\System32\smss.exe 492
C:\Windows\system32\csrss.exe 576
C:\Windows\system32\wininit.exe 636
C:\Windows\system32\csrss.exe 648
C:\Program Files\AVG\AVG9\avgchsvx.exe 660
C:\Program Files\AVG\AVG9\avgrsx.exe 668
C:\Windows\system32\services.exe 712
C:\Windows\system32\lsass.exe 732
C:\Windows\system32\lsm.exe 744
C:\Program Files\AVG\AVG9\avgcsrvx.exe 760
C:\Windows\system32\winlogon.exe 1028
C:\Windows\system32\svchost.exe 1184
C:\Windows\system32\svchost.exe 1248
C:\Windows\system32\Ati2evxx.exe 1416
C:\Windows\System32\svchost.exe 1448
C:\Windows\System32\svchost.exe 1472
C:\Windows\system32\svchost.exe 1484
C:\Windows\system32\svchost.exe 1612
C:\Windows\system32\SLsvc.exe 1632
C:\Windows\system32\svchost.exe 1668
C:\Program Files\Dell\DellDock\DockLogin.exe 1792
C:\Windows\system32\Ati2evxx.exe 1824
C:\Windows\system32\svchost.exe 1912
C:\Windows\System32\spoolsv.exe 340
C:\Windows\system32\svchost.exe 364
C:\Windows\system32\taskeng.exe 2060
C:\Windows\system32\Dwm.exe 2088
C:\Windows\Explorer.EXE 2128
C:\Windows\system32\taskeng.exe 2176
C:\Program Files\Google\Update\GoogleUpdate.exe 2196
C:\Program Files\Dell\DellDock\DellDock.exe 2248
C:\Windows\system32\conime.exe 2348
C:\Program Files\AVG\AVG9\avgwdsvc.exe 2676
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE 2704
C:\Windows\system32\FsUsbExService.Exe 2724
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE 2732
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE 2780
C:\Program Files\Google\Update\GoogleUpdate.exe 3000
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE 3036
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe 3084
C:\Windows\system32\svchost.exe 3148
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe 3164
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3172
C:\Windows\system32\svchost.exe 3216
C:\Program Files\Google\Update\GoogleUpdate.exe 3264
C:\Windows\System32\svchost.exe 3316
C:\Program Files\Winsudate\gibsvc.exe 3568
C:\Program Files\AVG\AVG9\avgnsx.exe 3616
C:\Windows\system32\SearchIndexer.exe 3696
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3836
C:\Windows\system32\WUDFHost.exe 3928
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe 2072
C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsus.exe 2468
C:\Windows\system32\runonce.exe 1312
C:\Windows\system32\wbem\wmiprvse.exe 2356
################## | Elements infectieux |
Supprimé ! C:\$Recycle.Bin\S-1-5-18
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3395499582-3656299844-1299793059-500
Supprimé ! D:\$Recycle.Bin\S-1-5-18
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-1307762949-3349353204-2099759575-500
################## | Registre |
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{bb0cf908-d1d8-11de-8b05-e5d9022f5fa5}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[04/01/2010 13:47|--a------|7716] C:\Ad-Report-CLEAN[1].log
[07/07/2009 14:56|--a------|0] C:\AILog.txt
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[11/04/2009 07:36|-rahs----|333257] C:\bootmgr
[18/09/2006 22:43|--a------|10] C:\config.sys
[14/02/2009 20:33|-rah-----|4850] C:\dell.sdr
[?|?|?] C:\hiberfil.sys
[27/11/2009 15:38|-rahs----|0] C:\IO.SYS
[27/11/2009 15:38|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[07/01/2010 18:56|--a------|2133] C:\TB.txt
[08/01/2010 18:02|--a------|4539] C:\UsbFix.txt
[17/11/2009 12:41|--a------|723742720] J:\Dieudonne - Cocorico a Bobino.avi
[17/11/2009 13:35|--a------|991786662] J:\Dieudonne - J'ai Fait l'Con.avi
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
################## | Crack > Keygen > Serial |
################## | Upload |
Veuillez envoyer le fichier : C:\Users\Michon\Desktop\UsbFix_Upload_Me_PC-de-Michon.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.071 ! |
hisjackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:53:54, on 08/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Michon\Desktop\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6.3; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MDDC; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://gs.comedycentral.com/games/southParkBigWheelDeathRally/SouthPark2.dcr"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD0728E6-6908-4387-B76B-836CA23D302C}: NameServer = 86.64.145.140 84.103.237.140
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Service Google Update (gupdate1c9d87378fba237) (gupdate1c9d87378fba237) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:53:54, on 08/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Michon\Desktop\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6.3; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MDDC; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://gs.comedycentral.com/games/southParkBigWheelDeathRally/SouthPark2.dcr"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AD0728E6-6908-4387-B76B-836CA23D302C}: NameServer = 86.64.145.140 84.103.237.140
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Service Google Update (gupdate1c9d87378fba237) (gupdate1c9d87378fba237) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe
re
tu as attrapé une infection que tu n'avais pas avant ?
Ca vient d'un programme pour vérifier les résultats du bac, voir : rapport-antivir-program-files-winsudate-gibusr-exe-t20105.html#p162782
Regarde quand même dans ajout/suppression de programmes, si y a pas un truc :
france examen qq chose
gibusr
letmiin
winletmin
si y a pas, pour le supprimer... :
- Demarrer / executer / tape services.msc
- Cherche Gestionnaire de mise à jour Winsudate dans la liste
- Double clic dessus, positionne le type de démarrage sur désactiver
Redémarre l'ordinateur
-- Menu Démarrer puis executer, dans le champs tape : SC delete WinSvc
Supprime le dossier : C:\Program Files\Winsudate\
Supprime ausi celui-ci au passage : C:\Program Files\PHPNukeFR
-----------------------------------------------------------------------------------------------------------------
relances hijackthis , "do a scan only " et coches les lignes suivantes:
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot => Real Networks®Real Player
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime => Apple®Quick Time
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" => Adobe®Acrobat Reader
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" => Google®Toolbar
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing) => Boonty®Boonty Games
clique "fixchecked" et redemarres ton pc
--------------------------------------------------------------------------------------------------------------------
repasse ccleaner complet
----------------------------------------------------------------------------------------------------------------
Questions
As-tu fait ce qui était demandé pour boonty games et f-sécure ?
-----------------------------------------------------------------------------------------------------------
refais un scan hijackthis
tu as attrapé une infection que tu n'avais pas avant ?
Ca vient d'un programme pour vérifier les résultats du bac, voir : rapport-antivir-program-files-winsudate-gibusr-exe-t20105.html#p162782
Regarde quand même dans ajout/suppression de programmes, si y a pas un truc :
france examen qq chose
gibusr
letmiin
winletmin
si y a pas, pour le supprimer... :
- Demarrer / executer / tape services.msc
- Cherche Gestionnaire de mise à jour Winsudate dans la liste
- Double clic dessus, positionne le type de démarrage sur désactiver
Redémarre l'ordinateur
-- Menu Démarrer puis executer, dans le champs tape : SC delete WinSvc
Supprime le dossier : C:\Program Files\Winsudate\
Supprime ausi celui-ci au passage : C:\Program Files\PHPNukeFR
-----------------------------------------------------------------------------------------------------------------
relances hijackthis , "do a scan only " et coches les lignes suivantes:
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{1c491116-c175-45e1-a570-6fb14fea8b7b} - (no file)
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot => Real Networks®Real Player
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime => Apple®Quick Time
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" => Adobe®Acrobat Reader
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" => Google®Toolbar
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing) => Boonty®Boonty Games
clique "fixchecked" et redemarres ton pc
--------------------------------------------------------------------------------------------------------------------
repasse ccleaner complet
----------------------------------------------------------------------------------------------------------------
Questions
As-tu fait ce qui était demandé pour boonty games et f-sécure ?
-----------------------------------------------------------------------------------------------------------
refais un scan hijackthis