Trojan Downloader Renos.jm Help me please!!

Solved/Closed
glover68 Posts: 12 Registration date: Monday 16 February 2009 Status: Member Last activity: 27 January 2010 - 24 Jan 2010 at 09:36
 Anonymous user - 27 Jan 2010 at 20:44
Hello everyone,

I have been infected by a trojan downloader Renos.jm and I can't get rid of it with Malwarebytes. I tried running a scan in safe mode; each time it finds new infected files, I delete them, and Windows Defender still finds this virus... I run another scan and it is always the same thing. Can someone help me, please?

15 replies

Anonymous user
24 Jan 2010 at 10:39
Hello

• Download RSIT, a diagnostic tool, to identify the various infections: http://images.malwareremoval.com/random/RSIT.exe
* On XP: double-click RSIT.exe to launch the tool.
* If you are on Vista, you must run RSIT with administrator rights; to do so, right-click RSIT and choose "Run as administrator".
• Double-click RSIT.exe to launch the tool.
• Click 'Continue' on the Disclaimer screen.
• If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
• Once the scan is finished, 2 reports will appear. Post the contents of both reports.
( C:\RSIT\log.txt and C:\RSIT\info.txt )
• CTRL A to select all, CTRL C to copy, then CTRL V to paste
0
glover68 Posts: 12 Registration date: Monday 16 February 2009 Status: Member Last activity: 27 January 2010
24 Jan 2010 at 11:34
Thanks for replying so quickly! Here is the content of the first report; the second report is further down:

First report

Logfile of random's system information tool 1.06 (written by random/random)
Run by dany at 2010-01-24 11:20:17
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 6 GB (7%) free of 85 GB
Total RAM: 1790 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:40, on 24/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\dany\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\explorer.exe
D:\telechargements\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\dany.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [OA004Cfg.exe] OA004Cfg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\dany\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BMIMZMHMFM] C:\Users\dany\AppData\Local\Temp\Kvr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{86BB3648-3355-4386-8553-A45C10CBD218}: NameServer = 213.166.201.1,213.166.201.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9b29d9527f0b3) (gupdate1c9b29d9527f0b3) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
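Added example (not part of the original thread): a Python triage of the HijackThis O2, O4 and O23 lines in a log like the one posted above, flagging autorun images that live in temp or user-profile directories and entries whose file is missing. The sample lines are copied from that log; the three rules, the `Finding` type and the function names are assumptions made for this illustration, and a flagged entry is a candidate for review, not a verdict.

```python
import re
from typing import List, NamedTuple, Optional

# A small subset of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [Google Update] "C:\Users\dany\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BMIMZMHMFM] C:\Users\dany\AppData\Local\Temp\Kvr.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
"""


class Finding(NamedTuple):
    section: str  # HijackThis section code: O2, O4 or O23
    name: str     # Run value name, shortcut name, CLSID or service name
    target: str   # file the entry points at ("" when none is recorded)
    reason: str   # why the entry deserves a closer look


RUN_RE = re.compile(
    r"^O4 - HK\w+(?:\\S-[\d-]+)?\\\.\.\\Run(?:Once)?: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
STARTUP_RE = re.compile(r"^O4 - (?:Global )?Startup: (?P<name>.+?) = (?P<cmd>.+)$")
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+)$")
# Unquoted commands may contain spaces, so cut at the first executable extension.
IMAGE_RE = re.compile(r"^(.+?\.(?:exe|dll|com|bat|cmd|scr|pif))(?=[\s,]|$)", re.I)
TEMP_RE = re.compile(r"(?:\\(?:temp|tmp)\\|%te?mp%)", re.I)
PROFILE_RE = re.compile(r"\\(?:Users|Documents and Settings)\\[^\\]+\\", re.I)
SERVICE_PREFIX = "O23 - Service: "
MISSING_SUFFIX = "(file missing)"


def image_path(cmd: str) -> str:
    """Return the program path from a command line, without its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = IMAGE_RE.match(cmd)
    return m.group(1) if m else cmd


def autorun_target(cmd: str) -> str:
    """Like image_path, but for rundll32 return the DLL it is asked to load."""
    image = image_path(cmd)
    if image.lower().endswith("rundll32.exe"):
        rest = cmd[cmd.find(image) + len(image):].lstrip('" ')
        if rest:
            return image_path(rest)
    return image


def classify_location(path: str) -> Optional[str]:
    """Assumed review rules: temp directories first, then any profile path."""
    if TEMP_RE.search(path):
        return "autorun image is in a temp directory"
    if PROFILE_RE.search(path):
        return "autorun image is in a user-writable profile path"
    return None


def triage(log: str) -> List[Finding]:
    findings: List[Finding] = []
    for raw in log.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line) or STARTUP_RE.match(line)
        if m:
            target = autorun_target(m.group("cmd"))
            reason = classify_location(target)
            if reason:
                findings.append(Finding("O4", m.group("name"), target, reason))
            continue
        m = BHO_RE.match(line)
        if m:
            if m.group("path") == "(no file)":
                findings.append(Finding("O2", m.group("clsid"), "",
                                        "BHO registered but its DLL is missing"))
            continue
        if line.startswith(SERVICE_PREFIX) and line.endswith(MISSING_SUFFIX):
            parts = line[len(SERVICE_PREFIX):].rsplit(" - ", 2)
            if len(parts) == 3:
                path = parts[2][:-len(MISSING_SUFFIX)].strip()
                findings.append(Finding("O23", parts[0], path,
                                        "service binary is missing"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:4} {f.name!r:45} {f.reason}\n     {f.target}")
```
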
Anonymous user
24 Jan 2010 at 12:40
Quite a few infections

• Download: https://www.superantispyware.com/
• Choose "Save" and save it to your desktop.
• Double-click the installer icon that has just been created and follow the instructions.
• Create an icon on the desktop.
• Double-click the SAS icon (a head inside a crossed-out red circle) to launch it.
• If the tool asks you to update the program ("update the program definitions"), click Yes.
• Under Configuration and Preferences, click the "Preferences" button.
• Click the "Scanning Control" tab.
• Under "Scanner Options", make sure the box in front of the following lines is checked:
• Close browsers before scanning
• Scan for tracking cookies
• Terminate memory threats before quarantining
• Leave the other lines unchecked.
• Click the "Close" button to leave the control center screen.
• In the main window, under "Scan for Harmful Software", click "Scan your computer".
• In the left column, check C:\Fixed Drive.
• In the right column, under "Complete scan", click "Perform Complete Scan".
• Click "Next" to start the scan. Wait while the scan runs.
• At the end of the scan, a results window opens. Click OK.
• Make sure all the lines in the white window are checked and click "Next".
• Everything that was found will be quarantined. If you are asked to restart the computer ("reboot"), click Yes.
• To copy the information to the forum, do this:
• after the computer restarts, double-click the icon to launch SAS.
• Click "Preferences" and then the "Statistics/Logs" tab.
• Under "scanners logs", double-click SUPERAntiSpyware Scan Log.
• The report will open in your default text editor.
• Copy its contents into your reply.
• Have a good look at the SUPERAntiSpyware tutorial; it is very well explained.
https://www.malekal.com/?s=SUPERAntiSpyware

0
glover68 Posts: 12 Registration date: Monday 16 February 2009 Status: Member Last activity: 27 January 2010
24 Jan 2010 at 19:52
Hi, after 4 hours of scanning, here is the log generated with SuperAntiSpyware:


SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 01/24/2010 at 05:39 PM

Application Version : 4.33.1000

Core Rules Database Version : 4511
Trace Rules Database Version: 2323

Scan type : Complete Scan
Total Scan Time : 04:18:48

Memory items scanned : 535
Memory threats detected : 0
Registry items scanned : 9594
Registry threats detected : 1
File items scanned : 69641
File threats detected : 4168

Trojan.Agent/Gen-CDesc[X]
[BMIMZMHMFM] C:\USERS\DANY\APPDATA\LOCAL\TEMP\KVR.EXE
C:\USERS\DANY\APPDATA\LOCAL\TEMP\KVR.EXE
C:\USERS\DANY\APPDATA\LOCAL\TEMP\KVQ.EXE

Adware.Tracking Cookie
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@weborama[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@adbrite[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@teensnow[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@reduxmedia[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@sexsilvertube[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@abyssteens[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@wt.sexsearchcom[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@www.sexyfatdaily[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@maturelikesex[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@galleries1.adult-empire[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@www.onpornstar[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@beeporn[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@zanox[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@russian-porntube[3].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@ad.zanox[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@advertising[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@adviva[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@exoclick[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\dany@zedo[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\Low\dany@ads.operadormovilsms[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\Low\dany@www.googleadservices[1].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\Low\dany@www.googleadservices[2].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\Low\dany@www.googleadservices[3].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\Low\dany@www.googleadservices[4].txt
C:\Users\dany\AppData\Roaming\Microsoft\Windows\Cookies\Low\dany@yourmedia[1].txt

Trojan.Agent/Gen
C:\Program Files\SYS\gs8x\ps_files\stcinfo.ps
C:\Program Files\SYS\gs8x\ps_files\stcolor.ps
C:\Program Files\SYS\gs8x\ps_files\stocht.ps
C:\Program Files\SYS\gs8x\ps_files\traceimg.ps
C:\Program Files\SYS\gs8x\ps_files\traceop.ps
C:\Program Files\SYS\gs8x\ps_files\type1enc.ps
C:\Program Files\SYS\gs8x\ps_files\type1ops.ps
C:\Program Files\SYS\gs8x\ps_files\uninfo.ps
C:\Program Files\SYS\gs8x\ps_files\unprot.ps
C:\Program Files\SYS\gs8x\ps_files\viewcmyk.ps
C:\Program Files\SYS\gs8x\ps_files\viewgif.ps
C:\Program Files\SYS\gs8x\ps_files\viewjpeg.ps
C:\Program Files\SYS\gs8x\ps_files\viewmiff.ps
C:\Program Files\SYS\gs8x\ps_files\viewpbm.ps
C:\Program Files\SYS\gs8x\ps_files\viewpcx.ps
C:\Program Files\SYS\gs8x\ps_files\viewps2a.ps
C:\Program Files\SYS\gs8x\ps_files\wftopfa.ps
C:\Program Files\SYS\gs8x\ps_files\winmaps.ps
C:\Program Files\SYS\gs8x\ps_files\wrfont.ps
C:\Program Files\SYS\gs8x\ps_files\xlatmap
C:\Program Files\SYS\gs8x\ps_files\zeroline.ps
C:\Program Files\SYS\gs8x\ps_files
C:\Program Files\SYS\gs8x
C:\Program Files\SYS\jade\bin\win32\grove.dll
C:\Program Files\SYS\jade\bin\win32\groveoa.dll
C:\Program Files\SYS\jade\bin\win32\jade.exe
C:\Program Files\SYS\jade\bin\win32\msvcrt.dll
C:\Program Files\SYS\jade\bin\win32\nsgmls.exe
C:\Program Files\SYS\jade\bin\win32\ogrove13.dll
C:\Program Files\SYS\jade\bin\win32\ogroveoa.dll
C:\Program Files\SYS\jade\bin\win32\onsgmls.exe
C:\Program Files\SYS\jade\bin\win32\openjade.exe
C:\Program Files\SYS\jade\bin\win32\opent.exe
C:\Program Files\SYS\jade\bin\win32\osgmlnorm.exe
C:\Program Files\SYS\jade\bin\win32\osp134.dll
C:\Program Files\SYS\jade\bin\win32\ospam.exe
C:\Program Files\SYS\jade\bin\win32\ospgrove13.dll
C:\Program Files\SYS\jade\bin\win32\ostyle13.dll
C:\Program Files\SYS\jade\bin\win32\osx.exe
C:\Program Files\SYS\jade\bin\win32\sgmlnorm.exe
C:\Program Files\SYS\jade\bin\win32\sp132.dll
C:\Program Files\SYS\jade\bin\win32\sp133.dll
C:\Program Files\SYS\jade\bin\win32\spam.exe
C:\Program Files\SYS\jade\bin\win32\spent.exe
C:\Program Files\SYS\jade\bin\win32\spgrove.dll
C:\Program Files\SYS\jade\bin\win32\style.dll
C:\Program Files\SYS\jade\bin\win32\sx.exe
C:\Program Files\SYS\jade\bin\win32
C:\Program Files\SYS\jade\bin
C:\Program Files\SYS\jade\docbook\bin\ChangeLog
C:\Program Files\SYS\jade\docbook\bin\collateindex.pl
C:\Program Files\SYS\jade\docbook\bin\collateindex.pl.1
C:\Program Files\SYS\jade\docbook\bin
C:\Program Files\SYS\jade\docbook\BUGS
C:\Program Files\SYS\jade\docbook\catalog
C:\Program Files\SYS\jade\docbook\ChangeLog
C:\Program Files\SYS\jade\docbook\common\catalog
C:\Program Files\SYS\jade\docbook\common\ChangeLog
C:\Program Files\SYS\jade\docbook\common\cs-hack.pl
C:\Program Files\SYS\jade\docbook\common\dbcommon.dsl
C:\Program Files\SYS\jade\docbook\common\dbl10n.dsl
C:\Program Files\SYS\jade\docbook\common\dbl10n.ent
C:\Program Files\SYS\jade\docbook\common\dbl10n.pl
C:\Program Files\SYS\jade\docbook\common\dbl10n.template
C:\Program Files\SYS\jade\docbook\common\dbl1af.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1af.ent
C:\Program Files\SYS\jade\docbook\common\dbl1bg.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1bg.ent
C:\Program Files\SYS\jade\docbook\common\dbl1bs.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1bs.ent
C:\Program Files\SYS\jade\docbook\common\dbl1ca.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1ca.ent
C:\Program Files\SYS\jade\docbook\common\dbl1cs.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1cs.ent
C:\Program Files\SYS\jade\docbook\common\dbl1da.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1da.ent
C:\Program Files\SYS\jade\docbook\common\dbl1de.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1de.ent
C:\Program Files\SYS\jade\docbook\common\dbl1el.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1el.ent
C:\Program Files\SYS\jade\docbook\common\dbl1en.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1en.ent
C:\Program Files\SYS\jade\docbook\common\dbl1es.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1es.ent
C:\Program Files\SYS\jade\docbook\common\dbl1et.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1et.ent
C:\Program Files\SYS\jade\docbook\common\dbl1eu.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1eu.ent
C:\Program Files\SYS\jade\docbook\common\dbl1fi.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1fi.ent
C:\Program Files\SYS\jade\docbook\common\dbl1fr.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1fr.ent
C:\Program Files\SYS\jade\docbook\common\dbl1hu.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1hu.ent
C:\Program Files\SYS\jade\docbook\common\dbl1id.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1id.ent
C:\Program Files\SYS\jade\docbook\common\dbl1it.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1it.ent
C:\Program Files\SYS\jade\docbook\common\dbl1ja.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1ja.ent
C:\Program Files\SYS\jade\docbook\common\dbl1ko.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1ko.ent
C:\Program Files\SYS\jade\docbook\common\dbl1nl.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1nl.ent
C:\Program Files\SYS\jade\docbook\common\dbl1nn.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1nn.ent
C:\Program Files\SYS\jade\docbook\common\dbl1no.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1no.ent
C:\Program Files\SYS\jade\docbook\common\dbl1null.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1pl.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1pl.ent
C:\Program Files\SYS\jade\docbook\common\dbl1pt.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1pt.ent
C:\Program Files\SYS\jade\docbook\common\dbl1ptbr.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1ptbr.ent
C:\Program Files\SYS\jade\docbook\common\dbl1ro.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1ro.ent
C:\Program Files\SYS\jade\docbook\common\dbl1ru.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1ru.ent
C:\Program Files\SYS\jade\docbook\common\dbl1sk.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1sk.ent
C:\Program Files\SYS\jade\docbook\common\dbl1sl.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1sl.ent
C:\Program Files\SYS\jade\docbook\common\dbl1sr.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1sr.ent
C:\Program Files\SYS\jade\docbook\common\dbl1sv.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1sv.ent
C:\Program Files\SYS\jade\docbook\common\dbl1th.ent
C:\Program Files\SYS\jade\docbook\common\dbl1tr.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1tr.ent
C:\Program Files\SYS\jade\docbook\common\dbl1uk.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1uk.ent
C:\Program Files\SYS\jade\docbook\common\dbl1xh.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1xh.ent
C:\Program Files\SYS\jade\docbook\common\dbl1zhcn.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1zhcn.ent
C:\Program Files\SYS\jade\docbook\common\dbl1zhtw.dsl
C:\Program Files\SYS\jade\docbook\common\dbl1zhtw.ent
C:\Program Files\SYS\jade\docbook\common\dbtable.dsl
C:\Program Files\SYS\jade\docbook\common\README
C:\Program Files\SYS\jade\docbook\common
C:\Program Files\SYS\jade\docbook\contrib\header\header.dsl
C:\Program Files\SYS\jade\docbook\contrib\header\ja\rptstylesheets.xml
C:\Program Files\SYS\jade\docbook\contrib\header\ja
C:\Program Files\SYS\jade\docbook\contrib\header\rptstylesheets.xml
C:\Program Files\SYS\jade\docbook\contrib\header
C:\Program Files\SYS\jade\docbook\contrib\html\ChangeLog
C:\Program Files\SYS\jade\docbook\contrib\html\short-biblioentry.dsl
C:\Program Files\SYS\jade\docbook\contrib\html
C:\Program Files\SYS\jade\docbook\contrib\imagemap\ChangeLog
C:\Program Files\SYS\jade\docbook\contrib\imagemap\imagemap.dsl
C:\Program Files\SYS\jade\docbook\contrib\imagemap\testdoc.sgm
C:\Program Files\SYS\jade\docbook\contrib\imagemap\testimg.jpg
C:\Program Files\SYS\jade\docbook\contrib\imagemap
C:\Program Files\SYS\jade\docbook\contrib\print\ChangeLog
C:\Program Files\SYS\jade\docbook\contrib\print\short-biblioentry.dsl
C:\Program Files\SYS\jade\docbook\contrib\print
C:\Program Files\SYS\jade\docbook\contrib\renumberinpart\ChangeLog
C:\Program Files\SYS\jade\docbook\contrib\renumberinpart\renumberinpart.dsl
C:\Program Files\SYS\jade\docbook\contrib\renumberinpart\test.sgm
C:\Program Files\SYS\jade\docbook\contrib\renumberinpart
C:\Program Files\SYS\jade\docbook\contrib\subdoc\book.sgm
C:\Program Files\SYS\jade\docbook\contrib\subdoc\ChangeLog
C:\Program Files\SYS\jade\docbook\contrib\subdoc\subdoc.dsl
C:\Program Files\SYS\jade\docbook\contrib\subdoc\subdoc.dtd
C:\Program Files\SYS\jade\docbook\contrib\subdoc\subdoc1.sgm
C:\Program Files\SYS\jade\docbook\contrib\subdoc\subdoc2.sgm
C:\Program Files\SYS\jade\docbook\contrib\subdoc\subdocbc.mod
C:\Program Files\SYS\jade\docbook\contrib\subdoc
C:\Program Files\SYS\jade\docbook\contrib\textlink\textlink.dsl
C:\Program Files\SYS\jade\docbook\contrib\textlink
C:\Program Files\SYS\jade\docbook\contrib
C:\Program Files\SYS\jade\docbook\docbook-dsssl-1.79.zip
C:\Program Files\SYS\jade\docbook\docbook.dcl
C:\Program Files\SYS\jade\docbook\dtd\30chg.txt
C:\Program Files\SYS\jade\docbook\dtd\31chg.txt
C:\Program Files\SYS\jade\docbook\dtd\40chg.txt
C:\Program Files\SYS\jade\docbook\dtd\40issues.txt
C:\Program Files\SYS\jade\docbook\dtd\50issues.txt
C:\Program Files\SYS\jade\docbook\dtd\announce.txt
C:\Program Files\SYS\jade\docbook\dtd\cals-tbl.dtd
C:\Program Files\SYS\jade\docbook\dtd\ChangeLog
C:\Program Files\SYS\jade\docbook\dtd\dbcent.mod
C:\Program Files\SYS\jade\docbook\dtd\dbgenent.mod
C:\Program Files\SYS\jade\docbook\dtd\dbhier.mod
C:\Program Files\SYS\jade\docbook\dtd\dbnotn.mod
C:\Program Files\SYS\jade\docbook\dtd\dbpool.mod
C:\Program Files\SYS\jade\docbook\dtd\docbook-old.cat
C:\Program Files\SYS\jade\docbook\dtd\docbook.cat
C:\Program Files\SYS\jade\docbook\dtd\docbook.dcl
C:\Program Files\SYS\jade\docbook\dtd\docbook.dtd
C:\Program Files\SYS\jade\docbook\dtd\readme.txt
C:\Program Files\SYS\jade\docbook\dtd
C:\Program Files\SYS\jade\docbook\dtds\dbdsssl\ChangeLog
C:\Program Files\SYS\jade\docbook\dtds\dbdsssl\dbdsssl.dtd
C:\Program Files\SYS\jade\docbook\dtds\dbdsssl
C:\Program Files\SYS\jade\docbook\dtds\decls\ChangeLog
C:\Program Files\SYS\jade\docbook\dtds\decls\docbook.dcl
C:\Program Files\SYS\jade\docbook\dtds\decls\xml.dcl
C:\Program Files\SYS\jade\docbook\dtds\decls
C:\Program Files\SYS\jade\docbook
0

Anonymous user
24 Jan 2010 at 23:10
Post a new RSIT report. See you later.
0
glover68 Posts 12 Registration date Monday 16 February 2009 Status Member Last activity 27 January 2010
25 Jan 2010 at 06:47
This time there is only one report, here it is:

log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by dany at 2010-01-25 06:44:09
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 5 GB (6%) free of 85 GB
Total RAM: 1790 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:44:19, on 25/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\WindowsMobile\wmdSync.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\wermgr.exe
C:\Users\dany\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
D:\telechargements\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\dany.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*https://fr.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\DataMngr\IEBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [OA004Cfg.exe] OA004Cfg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\dany\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{86BB3648-3355-4386-8553-A45C10CBD218}: NameServer = 213.166.201.1,213.166.201.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9b29d9527f0b3) (gupdate1c9b29d9527f0b3) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Anonymous user
25 Jan 2010 at 10:10
• Hello

• Download and install: Malwarebytes' Anti-Malware
• (NB: if "COMCTL32.OCX" is missing during installation, download it here: https://www.malekal.com/tutorial-aboutbuster/)
• At the end of the installation, make sure the option "Update Malwarebytes' Anti-Malware" is checked
• Launch MBAM and let the updates download (otherwise run them manually when the program starts)
• Then go to the "Scanner" tab, check "Perform full scan", then click "Scan"
• Select your hard drives, then click "Start Scan"
• At the end of the scan, click Show Results
• Check all the detected items, then click Remove Selected
• Save the report
• If you are asked to restart, click Yes
• Post the scan report here after the removal (post the report even if nothing is detected).
• If you need help, have a look at this tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
0
glover68 Posts 12 Registration date Monday 16 February 2009 Status Member Last activity 27 January 2010
25 Jan 2010 at 17:43
Hi! I did what you asked me to do, and here is the Malwarebytes report; notably, it found 7 infected items, which I deleted:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3633
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18882

25/01/2010 17:32:24
mbam-log-2010-01-25 (17-32-24).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 539178
Temps écoulé: 3 hour(s), 38 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WS9E3IQBKY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\iMesh Applications\iMesh\Skins\PS.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Users\dany\AppData\Local\Temp\Kvp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\sshnas21.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
0
Anonymous user
25 Jan. 2010 at 18:25
This time you have gotten rid of that Renos.

To check, post a new RSIT report. See you!
0
glover68 Posts 12 Registration date Monday 16 February 2009 Status Member Last activity 27 January 2010
25 Jan. 2010 at 18:30
Ah, I certainly hope so. In any case, thank you very much for helping me!!! Here is the new report:


Logfile of random's system information tool 1.06 (written by random/random)
Run by dany at 2010-01-25 18:27:29
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 5 GB (6%) free of 85 GB
Total RAM: 1790 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:48, on 25/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

0
Anonymous user
25 Jan. 2010 at 18:33
There are still infections left. We are going to use another tool.
• Download the installation file and save it to your desktop:
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe
or
https://www.androidworld.fr/
• Double-click the installer and install it in its default location (the desktop).
• Open the Ad-remover folder on your desktop and double-click Ad-remover.bat.
* On XP: double-click the icon to launch the tool.
* If you are on Vista: right-click AD-Remover and select "Run as administrator"
• In the main menu, choose option "L" and press [Enter].
• Let the tool work and do not touch anything...
• Post the report that appears at the end.
• (The report is also saved as C:\Ad-report.log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
• Note:
Process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

0
glover68 Posts 12 Registration date Monday 16 February 2009 Status Member Last activity 27 January 2010
25 Jan. 2010 at 21:23
Ooh, this must be a good old, super-experienced trojan! Here is the report:


.
======= RAPPORT D'AD-REMOVER 1.1.4.6_I | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 24.01.2010 à 14:33
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:47:20, 25/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ HomeBasic Service Pack 2 v6.0.6001
Nom du PC: PC-DE-DANY | Utilisateur actuel: dany
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

C:\Users\dany\AppData\Roaming\Mozilla\FireFox\Profiles\tmyc5ah0.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
C:\Users\dany\AppData\Roaming\Mozilla\FireFox\Profiles\tmyc5ah0.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\dany\AppData\Roaming\Mozilla\FireFox\Profiles\tmyc5ah0.default\iMeshMediabarTb
C:\Users\dany\AppData\Roaming\Mozilla\FireFox\Profiles\tmyc5ah0.default\searchplugins\iMeshWebSearch.xml
C:\Users\dany\AppData\Roaming\Mozilla\FireFox\Profiles\tmyc5ah0.default\searchplugins\sweetim.xml
C:\Users\dany\AppData\Roaming\Mozilla\FireFox\Profiles\tmyc5ah0.default\SweetIMToolbarData
C:\Users\dany\Music\Imesh - ... ERREUR SUPPRESSION !!
C:\Users\dany\DOCUME~1\Imesh
C:\Program Files\Mozilla FireFox\extensions\linkcontent@iminent
C:\Program Files\Mozilla FireFox\searchplugins\iMeshWebSearch.xml
C:\Users\dany\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\imesh.lnk
C:\Users\dany\AppData\Local\Temp\iMesh user license agreement.txt
C:\Users\dany\AppData\Local\Temp\iMeshInstaller
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\iMesh
C:\Program Files\DaemonTools_WhenUSave_Installer
C:\Program Files\iMesh Applications
C:\Program Files\Iminent
C:\Program Files\Kiwee Toolbar
C:\Program Files\SweetIM
C:\Program Files\Viewpoint
C:\Users\dany\AppData\Roaming\EoRezo
C:\Users\dany\AppData\Local\iMesh
C:\Users\dany\AppData\Local\Iminent
C:\Users\dany\AppData\LocalLow\imeshmediabartb
C:\Users\dany\AppData\LocalLow\Kiwee Toolbar
C:\Users\dany\AppData\LocalLow\SweetIM
C:\ProgramData\SweetIM
C:\ProgramData\Viewpoint
C:\Windows\Installer\207310.msi
C:\Windows\Installer\207316.msi
C:\Windows\system32\config\systemprofile\AppData\Roaming\agi
C:\Users\Public\Desktop\iMesh.lnk

(!) -- Fichiers temporaires supprimés.

.
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
HKLM\software\microsoft\windows\currentversion\uninstall\{266C7330-C0F4-49E5-8F20-A56F9F822875}
HKLM\software\microsoft\windows\currentversion\uninstall\iMesh
HKLM\software\microsoft\windows\currentversion\uninstall\ViewpointMediaPlayer
HKLM\software\SweetIM
HKLM\software\Viewpoint
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.7 [fr] *
.
Nom du profil: tmyc5ah0.default (dany)
.
(dany, prefs.js) Browser.download.dir, D:\telechargements
(dany, prefs.js) Browser.download.lastDir, C:\Users\dany\Pictures
(dany, prefs.js) Browser.search.defaultenginename, iMesh Web Search
(dany, prefs.js) Browser.search.selectedEngine, iMesh Web Search
(dany, prefs.js) Browser.startup.homepage, hxxp://search.imesh.com/
(dany, prefs.js) Extensions.enabledItems, piclens@cooliris.com:1.11.6a,DTToolbar@toolbarnet.com:1.0.0.5,{c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.0.8,{1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.19,{000a9d1c-beef-4f90-9363-039d445309b8}:0.5.33.0,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}:5.0.17,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.1,support@pdfcreator-toolbar.org:1.0,{64161300-e22b-11db-8314-0800200c9a66}:0.9.1,{EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8,unplug@compunach:2.024,{635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546,{28D35620-51D9-11DE-9D13-2DB156D89593}:3.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.7
(dany, prefs.js) Keyword.URL, hxxp://search.imesh.com/webResults.html?src=ffb&q=
(dany, prefs.js) Sweetim.toolbar.previous.keyword.URL, hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
.
(dany, prefs.js) EFFACE - Browser.search.defaultenginename, iMesh Web Search
(dany, prefs.js) EFFACE - Browser.search.order.1, iMesh Web Search
(dany, prefs.js) EFFACE - Browser.search.selectedEngine, iMesh Web Search
(dany, prefs.js) EFFACE - Sweetim.toolbar.highlight.colors, #FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0
(dany, prefs.js) EFFACE - Sweetim.toolbar.logger.ConsoleHandler.MinReportLevel, 7
(dany, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.FileName, ff-toolbar.log
(dany, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MaxFileSize, 200000
(dany, prefs.js) EFFACE - Sweetim.toolbar.logger.FileHandler.MinReportLevel, 7
(dany, prefs.js) EFFACE - Sweetim.toolbar.mode.debug, false
(dany, prefs.js) EFFACE - Sweetim.toolbar.previous.keyword.URL, hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=
(dany, prefs.js) EFFACE - Sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://search.yahoo.com/*\ param=\p=\ /><EXTERNAL_SEARCH engine=\hxxp://search.sweetim.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*.live.*/*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://*youtube.com/\ param=\search_query=\ /><EXTERNAL_SEARCH engine=\hxxp://*.ebay.*/search/*\ param=\satitle=\ /><EXTERNAL_SEARCH engine=\hxxp://*.amazon.com/s/*\ param=\field-keywords=\ /></TOOLBAR>
(dany, prefs.js) EFFACE - Sweetim.toolbar.search.history.capacity, 10
(dany, prefs.js) EFFACE - Sweetim.toolbar.simapp_id, {DCD792E8-EFBF-11DD-BF18-001D7276DAF2}
(dany, prefs.js) EFFACE - Sweetim.toolbar.version, 1.0.0.8
.
.
.
* Internet Explorer Version 8.0.6001.18882 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Do404Search: 01000000
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Enable Browser Extensions: yes
Use Custom Search URL: 1 (0x1)
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Use Search Asst: no
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Users\dany\AppData\Local\Temp\Saf22D9.tmp\((Demonoid.com))-Boson_Netsim_7_0_for_CCNP_Crack_1632690.0622.torrent
C:\Users\dany\AppData\Local\Temp\Saf7EA4.tmp\Papycools_NEW_PATCH_PES_28.rar
C:\Users\dany\AppData\Local\Temp\SafE097.tmp\O-Demonoid.com-O_PES_2009_1_20_Patch_EXTRA_STUFF_1632690.0622.torrent
C:\Users\dany\Documents\crack_pes2009\reloaded.nfo
C:\Users\dany\Downloads\Vmware_Workstation_6.0.5.109488\keygen.exe
C:\Users\dany\Videos\Downloads\Patch PRO-EVO 2009 v1.00 - Part Commentaires.exe
.
===================================
.
21860 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
29969 Fichier(s) - C:\Users\dany\AppData\Local\Temp
106 Fichier(s) - C:\Windows\Temp
0 Fichier(s) - C:\Windows\Prefetch
.
20 Fichier(s) - C:\Ad-Remover\BACKUP
1486 Fichier(s) - C:\Ad-Remover\QUARANTINE
.
Fin à: 20:14:24 | 25/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.
0
Anonymous user
25 Jan 2010 at 23:08
Get rid of your cracks and keygens, the source of your troubles.
Ad Remover did a heck of a lot. ;)

For verification, post a new RSIT report.
0
glover68 Posts: 12 Registration date: Monday 16 February 2009 Status: Member Last activity: 27 January 2010
26 Jan 2010 at 01:45
Yes, apparently it is effective. I got rid of all the junk, and here is the new RSIT report:


Logfile of random's system information tool 1.06 (written by random/random)
Run by dany at 2010-01-26 01:40:58
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 16 GB (19%) free of 85 GB
Total RAM: 1790 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:41:15, on 26/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\dany\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\explorer.exe
C:\Program Files\QuickTime\QuickTimePlayer.exe
D:\telechargements\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\dany.exe
C:\Windows\system32\rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [DataMngr] C:\Program Files\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\dany\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{86BB3648-3355-4386-8553-A45C10CBD218}: NameServer = 213.166.201.1,213.166.201.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9b29d9527f0b3) (gupdate1c9b29d9527f0b3) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Anonymous user
26 Jan 2010 at 07:06
* Download OTMoveIt (by Old_Timer) to your Desktop
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/ (by OldTimer) to your Desktop
* Double-click OTMoveIt.exe to launch it.
* Copy the list in bold below and paste it into the left pane of OTMoveIt under Paste List of Files/Folders to move.



:processes
explorer.exe

:services


:drivers



:files
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

:reg
[-HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-


:commands
[emptytemp]
[purity]
[start explorer]
[reboot]




-----------------------------

* Click MoveIt! to start the removal.
* The result will appear in the "Results" pane.
* Click Exit to close.
* Post the report located in C:\_OTMoveIt\MovedFiles.
* You may be asked to restart the PC to complete the removal. If so, accept with Yes.

***************************************************************************
• Download CCleaner: https://www.ccleaner.com/ccleaner/download
• This software will let you delete all temporary files and fix your registry.
• During installation, make sure to choose "French" as the language.
• Before clicking the "Install" button, uncheck all the "additional options" except the first 2.
• A tutorial (help): http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
• Usage:
• ! Disconnect and close all running applications !
• Go to "Cleaner": run -Analyze- then -Clean-
• Go to "Registry": run -Scan for errors- and -Fix all errors-
( several times, until there are no more errors ).
• ( CCleaner: software to keep on your PC, very useful for good cleanups ...)
0
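One way to check, from the two HijackThis logs, that the OTM fix above removed what it targeted. This is an added example, not part of the original post and not code from OTM or HijackThis; the function names are hypothetical, and the log excerpts are a few lines copied from the logs posted in this thread.

```python
import re

# A few lines copied from the HijackThis log posted before the fix.
BEFORE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"""

# The same entries as they appear in the log posted after the fix.
AFTER_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"""

# The :files and :reg parts of the fix script from the post above.
FIX_SCRIPT = r"""
:files
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

:reg
[-HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"""

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24).
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}")


def parse_entries(log_text):
    """Return the set of (section, detail) pairs found in a HijackThis log."""
    entries = set()
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.add((match.group(1), match.group(2).strip()))
    return entries


def diff_logs(before, after):
    """Return (removed, added) entries between two logs, each sorted."""
    old, new = parse_entries(before), parse_entries(after)
    return sorted(old - new), sorted(new - old)


def parse_fix_targets(script):
    """Extract the file paths and CLSIDs a fix script targets (lowercased)."""
    files, clsids = set(), set()
    section = None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line[1:].lower()       # e.g. "files", "reg", "commands"
        elif section == "files":
            files.add(line.lower())
        elif section == "reg":
            clsids.update(c.lower() for c in CLSID_RE.findall(line))
    return files, clsids


def leftovers(script, log_text):
    """Log entries that still reference something the fix script targeted."""
    files, clsids = parse_fix_targets(script)
    needles = files | clsids
    return sorted(
        (section, detail)
        for section, detail in parse_entries(log_text)
        if any(needle in detail.lower() for needle in needles)
    )


if __name__ == "__main__":
    removed, added = diff_logs(BEFORE_LOG, AFTER_LOG)
    for section, detail in removed:
        print("removed:", section, detail)
    for section, detail in added:
        print("added:  ", section, detail)
    print("leftovers after fix:", leftovers(FIX_SCRIPT, AFTER_LOG))
```

An empty leftovers list only means the log no longer references the targeted file or CLSID; entries listed as added or changed, such as the start page here, still need to be reviewed by hand.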
glover68 Posts: 12 Registration date: Monday 16 February 2009 Status: Member Last activity: 27 January 2010
26 Jan 2010 at 18:13
After the scan, I got a report that was generated automatically. I don't know if that is the one you mean, because I couldn't find the path C:\_OTMoveIt\MovedFiles

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Error: Unable to interpret <:drivers> in the current context!
========== FILES ==========
LoadLibrary failed for C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
========== REGISTRY ==========
Registry key HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: dany
->Temp folder emptied: 1600928098 bytes
->Temporary Internet Files folder emptied: 10264462 bytes
->Java cache emptied: 70201821 bytes
->FireFox cache emptied: 85307970 bytes
->Google Chrome cache emptied: 219954675 bytes
->Apple Safari cache emptied: 129480183 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 429106878 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 183339 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 7619310 bytes
RecycleBin emptied: 6554308 bytes

Total Files Cleaned = 2 441,00 mb


OTM by OldTimer - Version 3.1.6.0 log created on 01262010_122529

Files moved on Reboot...
File C:\Windows\temp\JET88EE.tmp not found!
C:\Windows\temp\vmware-vmount.log moved successfully.

Registry entries deleted on Reboot...
0
Anonymous user
26 Jan 2010 at 19:21
Perfect

Post a new RSIT report. See you!
0
glover68 Posts: 12 Registration date: Monday 16 February 2009 Status: Member Last activity: 27 January 2010
26 Jan 2010 at 19:27
OK, here is the RSIT report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by dany at 2010-01-26 19:23:33
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 19 GB (23%) free of 85 GB
Total RAM: 1790 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:05, on 26/01/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\dany\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dany\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\dany\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dany\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dany\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Users\dany\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wuauclt.exe
C:\Users\dany\AppData\Local\Google\Chrome\Application\chrome.exe
D:\telechargements\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\dany.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\dany\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Paramètres de Google &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{86BB3648-3355-4386-8553-A45C10CBD218}: NameServer = 213.166.201.1,213.166.201.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c9b29d9527f0b3) (gupdate1c9b29d9527f0b3) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
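A triage pass over the HijackThis log in the post above, as an added example that is not part of the original thread and not code from HijackThis or RSIT. It flags O4 autostart entries that launch from a user-writable path and O23 services reported with "Unknown owner" or "(file missing)"; the `USER_WRITABLE` list and the function names are assumptions of this example, and a flag means "look at this entry", not "this is malware".

```python
import re

# Lines copied from the HijackThis log posted above (not constructed).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\dany\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\dany\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
"""

# Every entry is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [...] ...".
ENTRY = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.+)$")
# Assumption of this example: directories a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\")


def triage_entry(code, body):
    """Return (subject, reasons); reasons is empty when nothing stands out."""
    reasons = []
    subject = body
    if code == "O4":
        # "HKCU\..\Run: [name] command" or "Startup: link.lnk = target"
        if body.startswith(("Startup:", "Global Startup:")) and " = " in body:
            subject = body.split(" = ", 1)[1]
        elif "] " in body:
            subject = body.split("] ", 1)[1]
        if any(p in subject.lower() for p in USER_WRITABLE):
            reasons.append("autostart from a user-writable path")
    elif code == "O23" and body.startswith("Service: "):
        # "Service: <name> - <owner> - <path>"; split from the right because
        # the service name itself may contain " - ".
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if len(parts) == 3:
            subject, owner, path = parts
            if owner == "Unknown owner":
                reasons.append("no publisher name reported")
            if path.endswith("(file missing)"):
                reasons.append("service binary missing on disk")
    return subject, reasons


def triage_log(text):
    """Return [(code, subject, reasons)] for the entries worth a closer look."""
    findings = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        subject, reasons = triage_entry(m["code"], m["body"])
        if reasons:
            findings.append((m["code"], subject, reasons))
    return findings


if __name__ == "__main__":
    for code, subject, reasons in triage_log(SAMPLE_LOG):
        print(f"{code}  {subject}\n      -> {', '.join(reasons)}")
```

The legitimate Google updater is flagged alongside the other AppData entry, which is why the output is a review list to be checked against file signatures and hashes rather than a removal list.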
Anonymous user
26 Jan. 2010 at 20:28
Remove this program. It is infected.

C:\Program Files\DAEMON Tools Toolbar

***********************************************************
Download and install Vista SP2.

***********************************************************
• To browse the internet more safely and free from ads, I strongly recommend installing and using the Firefox browser. Once that is done, launch it and install the following security extension: Adblock Plus, to block ads;

• WOT - Extension for your web browser:
Here is an extension to download that will let you know, when you search on Google, whether a site shown in your search results is a trusted site or a site to avoid because it could infect your PC:
For Firefox: https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/
For Internet Explorer: https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp
-------------------------------------------------------------------------------------------------------------------------

I recommend updating Internet Explorer even if you never use it. System updates go through IE, so this avoids security holes.
• Download IE8: here

• If Java is not up to date, that is a security hole.
• Download: JavaRa.zip
• Unzip the file to your desktop (right-click > Extract all).
• Double-click the JavaRa folder you get.
• Then double-click the JavaRa.exe file (the .exe may not be displayed).
• Click Search For Updates.
• Select Update Using jucheck.exe, then click Search.
• Allow the process to connect if you are asked, click Install and follow the installation instructions. This will take a few minutes.
• When the installation is finished, go back to the JavaRa screen and click Remove Older Versions.
• Click Yes to confirm. The tool will do its work; then click OK, and OK a second time.
• A report will open; copy and paste it into your next reply.
* Note: the report can also be found here: ( C:\JavaRa.log )

• If Adobe Reader is not up to date, that is a security hole. Uninstall it by going to Start menu --> Control Panel --> Add/Remove Programs. Then download and install the new version. https://acrobat.adobe.com/fr/fr/acrobat/pdf-reader.html

• You should also update all your other programs to close security holes... Check for available updates with this small program (choose the version without installation): Update Checker https://www.commentcamarche.net/faq/9908-filehippo-app-manager-vos-logiciels-sont-ils-a-jour
Install it with the default settings, clicking Next each time.

Once it is installed, wait a few seconds and you will see a green icon appear in your taskbar telling you that updates are available.

Double-click the icon to be redirected to the update download site.

* A tip: do not install the BETA versions
====================================================
To remove the disinfection tools.

• Download ToolsCleaner by A.Rothstein to your Desktop (from one of the 2 links).
http://pc-system.fr/
• Click Recherche and let the scan finish.
• Click Suppression to finalize.
• If you wish, you can use the Options facultatives.
• Click Quitter so that the report can be created.
• Post me the report (TCleaner.txt), which is at the root of your hard drive ( C:\ ).
------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------
Disabling/re-enabling System Restore on Vista
• After a disinfection, you need to disable and then re-enable System Restore to purge it, because the restore points may be infected.
• Click the Vista button, right-click "Computer", then click "Properties".
• Then click "System Protection".
• Uncheck the box for the disk(s) on which you want to disable System Restore.
• A confirmation is required; it informs you that the existing restore points will be deleted and that this cannot be undone.
• To re-enable System Restore, simply check the boxes again.
• Remember to empty the Recycle Bin.
-----------------------------------------------------------------------------------------------------






You can mark your problem as solved!! How do I mark it as solved??


0
glover68 Posts: 12 Registration date: Monday 16 February 2009 Status: Member Last activity: 27 January 2010
27 Jan. 2010 at 20:02
OK, I did everything you told me, and here is the ToolsCleaner report. Thank you very much for your help. See you later!

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\VundoFix.txt: trouvé !
C:\Vundofix backups: trouvé !
C:\Rsit: trouvé !
C:\Ad-remover: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\dany\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis: trouvé !
C:\Users\dany\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Users\dany\Desktop\HijackThis.lnk: trouvé !
0
Anonymous user
27 Jan. 2010 at 20:44
Click Suppression to finalize.
0