Pc lent
bilk5
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour
voici un rapport hijacthis
y a til un pb grave
merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:21, on 04/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Pack Sécurité.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: &Bloquer cette fenêtre pub. - C:\Program Files\Pack Sécurité\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Protection IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/2.0.10.00/cab/aolpPlugins.10.6.0.6.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.fr.aol.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} - https://www.msn.com/fr-fr/
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - https://www.pixum.fr/?p_ref=crm_umleitung_photoreflex_1113
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.fr.aol.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp08.photoprintit.de/microsite/2697/defaults/activex/IPSUploader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
voici un rapport hijacthis
y a til un pb grave
merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:21, on 04/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsrw.exe
C:\Program Files\Pack Sécurité\FSPC\fspc.exe
C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fssm32.exe
C:\Program Files\Pack Sécurité\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Pack Sécurité\Anti-Spyware\fsaw.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Philips\SPC 200NC PC Camera\TrayMin200.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
C:\Program Files\Pack Sécurité\backweb\361343\Program\fspex.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\LCL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Sécurité\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Pack Sécurité.lnk = ?
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: TrayMin300.exe.lnk = ?
O8 - Extra context menu item: &Bloquer cette fenêtre pub. - C:\Program Files\Pack Sécurité\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Protection IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Sécurité\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://o.aolcdn.com/pictures/ap/Resources/2.0.10.00/cab/aolpPlugins.10.6.0.6.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.fr.aol.com/molbin/shared/mcinsctl/fr/4,0,0,84/mcinsctl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} - https://www.msn.com/fr-fr/
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - https://www.pixum.fr/?p_ref=crm_umleitung_photoreflex_1113
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.fr.aol.com/molbin/shared/mcgdmgr/fr/1,0,0,21/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://asp08.photoprintit.de/microsite/2697/defaults/activex/IPSUploader.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Pack Sécurité (BackWeb Plug-in - 361343) - Pack Securite - C:\PROGRA~1\PACKSC~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS - F-Secure Corp. - C:\Program Files\Pack Sécurité\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
A voir également:
- Pc lent
- Pc lent - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Forcer demarrage pc - Guide
- Double ecran pc - Guide
7 réponses
Salut alors désinstalle tous tes logiciel de sécurité. Et installe AntiVir,Malwarebytes Anti-Malware,Ccleaner et active le pare-feu XP.
AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)
PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE.
AntiVir: https://www.01net.com/outils/telecharger/windows/Securite/antivirus-antitrojan/fiches/tele13198.html
Tutoriel AntiVir: https://www.malekal.com/avira-free-security-antivirus-gratuit/
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Ccleaner: https://www.01net.com/outils/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/tele32599.html
Tutoriel Ccleaner: https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php (Tu l'installe sans la bare d'outil Yahoo)
PS: TU LES INSTALLES SEULEMENT ET TU NE FAIS PAS D'ANALYSE. TU FAIS UNE MISE A JOUR A ANTIVIR ET MALWAREBYTES ANTI-MALWARE.
voila le rapport antivir:
Avira AntiVir Personal
Report file date: lundi 9 juin 2008 17:35
Scanning for 1319842 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PERSO-B8GG9T34L
Version information:
BUILD.DAT : 8.1.0.308 16478 Bytes 28/05/2008 17:03:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 08:15:14
ANTIVIR3.VDF : 7.0.4.164 232448 Bytes 09/06/2008 14:55:26
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 07/06/2008 08:11:49
AESCN.DLL : 8.1.0.21 119156 Bytes 07/06/2008 08:11:48
AERDL.DLL : 8.1.0.20 418165 Bytes 06/06/2008 08:15:26
AEPACK.DLL : 8.1.1.5 364918 Bytes 06/06/2008 08:15:24
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 06/06/2008 08:15:23
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 07/06/2008 08:11:47
AEHELP.DLL : 8.1.0.15 115063 Bytes 06/06/2008 08:15:18
AEGEN.DLL : 8.1.0.28 307572 Bytes 07/06/2008 08:11:44
AEEMU.DLL : 8.1.0.6 430451 Bytes 06/06/2008 08:15:17
AECORE.DLL : 8.1.0.31 168310 Bytes 07/06/2008 08:11:43
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: lundi 9 juin 2008 17:35
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'TrayMin200.exe' - '1' Module(s) have been scanned
Scan process 'WkCalRem.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'awkaqce.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'Money Express.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'ECB-CLEO.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'dlbkbmon.exe' - '1' Module(s) have been scanned
Scan process 'VM_STI.EXE' - '1' Module(s) have been scanned
Scan process 'dlbkbmgr.exe' - '1' Module(s) have been scanned
Scan process 'point32.exe' - '1' Module(s) have been scanned
Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'dragdiag.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'type32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'w3dbsmgr.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'WGE_SRV.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
52 processes with 52 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '32' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP270\A0219517.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP270\A0219545.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
End of the scan: lundi 9 juin 2008 18:32
Used time: 57:06 min
The scan has been done completely.
5490 Scanning directories
505789 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
2 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
505787 Files not concerned
3943 Archives were scanned
1 Warnings
2 Notes
Avira AntiVir Personal
Report file date: lundi 9 juin 2008 17:35
Scanning for 1319842 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PERSO-B8GG9T34L
Version information:
BUILD.DAT : 8.1.0.308 16478 Bytes 28/05/2008 17:03:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.120 2206720 Bytes 01/06/2008 08:15:14
ANTIVIR3.VDF : 7.0.4.164 232448 Bytes 09/06/2008 14:55:26
Engineversion : 8.1.0.55
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.40 266618 Bytes 07/06/2008 08:11:49
AESCN.DLL : 8.1.0.21 119156 Bytes 07/06/2008 08:11:48
AERDL.DLL : 8.1.0.20 418165 Bytes 06/06/2008 08:15:26
AEPACK.DLL : 8.1.1.5 364918 Bytes 06/06/2008 08:15:24
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 06/06/2008 08:15:23
AEHEUR.DLL : 8.1.0.30 1253750 Bytes 07/06/2008 08:11:47
AEHELP.DLL : 8.1.0.15 115063 Bytes 06/06/2008 08:15:18
AEGEN.DLL : 8.1.0.28 307572 Bytes 07/06/2008 08:11:44
AEEMU.DLL : 8.1.0.6 430451 Bytes 06/06/2008 08:15:17
AECORE.DLL : 8.1.0.31 168310 Bytes 07/06/2008 08:11:43
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: lundi 9 juin 2008 17:35
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'TrayMin200.exe' - '1' Module(s) have been scanned
Scan process 'WkCalRem.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'awkaqce.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'Money Express.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'ECB-CLEO.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'dlbkbmon.exe' - '1' Module(s) have been scanned
Scan process 'VM_STI.EXE' - '1' Module(s) have been scanned
Scan process 'dlbkbmgr.exe' - '1' Module(s) have been scanned
Scan process 'point32.exe' - '1' Module(s) have been scanned
Scan process 'WkUFind.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'dragdiag.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'type32.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'w3dbsmgr.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'WGE_SRV.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
52 processes with 52 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '32' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP270\A0219517.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP270\A0219545.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[NOTE] The file was deleted!
End of the scan: lundi 9 juin 2008 18:32
Used time: 57:06 min
The scan has been done completely.
5490 Scanning directories
505789 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
2 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
505787 Files not concerned
3943 Archives were scanned
1 Warnings
2 Notes
1) Redémarre en "Mode sans échec"
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.
2) Scan avec Malwarebyte's Anti-Malware
*Lance Malwarebyte's Anti-Malware
*Puis vs dans l'onglet "Recherche" puis coche "Exécuter un examen complet" puis "Rechercher sélectionne tes disques durs" puis clique sur "Lancer l’examen"
*A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
*Suppression des éléments détectés >>>> clique sur Supprimer la sélection
*S'il t'es demandé de redémarrer >>> clique sur "Yes"
*--> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.
2) Scan avec Malwarebyte's Anti-Malware
*Lance Malwarebyte's Anti-Malware
*Puis vs dans l'onglet "Recherche" puis coche "Exécuter un examen complet" puis "Rechercher sélectionne tes disques durs" puis clique sur "Lancer l’examen"
*A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
*Suppression des éléments détectés >>>> clique sur Supprimer la sélection
*S'il t'es demandé de redémarrer >>> clique sur "Yes"
*--> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.
voila le rapport MBAM
Malwarebytes' Anti-Malware 1.15
Version de la base de données: 831
19:56:58 09/06/2008
mbam-log-6-9-2008 (19-56-58).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 94670
Temps écoulé: 38 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 11
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webmediaplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WebMediaPlayer.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\WebMediaPlayer\Conditions générales.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\Confidentialité.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\Website.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\languages_v2.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\webmedias (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\WebMediaPlayer.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.15
Version de la base de données: 831
19:56:58 09/06/2008
mbam-log-6-9-2008 (19-56-58).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 94670
Temps écoulé: 38 minute(s), 39 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 11
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webmediaplayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WebMediaPlayer.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\WebMediaPlayer (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\WebMediaPlayer\Conditions générales.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\Confidentialité.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\sqlite3.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\Website.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\languages_v2.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\webmedias (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins\classic.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Bureau\WebMediaPlayer.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
Ok merci maintenant fais un scan en ligne avec Internet Explorer stp:
BitDefender en ligne: http://www.bitdefender.fr/scan_fr/scan8/ie.html
Tutoriel BitDefender en ligne: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefender.htm
Ps: N'oublies pas de me poster le rapport. Si tu as besoin d'aide aide toi tu tutoriel.
BitDefender en ligne: http://www.bitdefender.fr/scan_fr/scan8/ie.html
Tutoriel BitDefender en ligne: http://cybersecurite.xooit.com/t201-Scan-en-ligne-BitDefender.htm
Ps: N'oublies pas de me poster le rapport. Si tu as besoin d'aide aide toi tu tutoriel.
voila le rapport bit def.
BitDefender Online Scanner
Scan report generated at: Tue, Jun 10, 2008 - 00:02:08
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time 01:13:23
Files 511996
Folders 5402
Boot Sectors 2
Archives 1923
Packed Files 11175
Results
Identified Viruses 3
Infected Files 4
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 4
Engines Info
Virus Definitions 1257126
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 16
Archive plugins 42
Unpack plugins 7
E-mail plugins 6
System plugins 5
Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes
Scanned File Status
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006 Detected with: Adware.Navipromo.BZM
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006 Deleted
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g) Update failed
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Detected with: Adware.Navipromo.BZM
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Deleted
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g) Update failed
C:\Documents and Settings\philippe\Mes documents\mise a jour\devcpp4\SpywareSecure_trial_setup.exe=>(NSIS o) Detected with: Adware.SpywareSecure.B
C:\Documents and Settings\philippe\Mes documents\mise a jour\devcpp4\SpywareSecure_trial_setup.exe=>(NSIS o) Deleted
C:\Documents and Settings\philippe\Mes documents\mise a jour\devcpp4\SpywareSecure_trial_setup.exe Update failed
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220772.dll Detected with: Adware.Toolbar.Searchit.F
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220772.dll Deleted
BitDefender Online Scanner
Scan report generated at: Tue, Jun 10, 2008 - 00:02:08
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time 01:13:23
Files 511996
Folders 5402
Boot Sectors 2
Archives 1923
Packed Files 11175
Results
Identified Viruses 3
Infected Files 4
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 4
Engines Info
Virus Definitions 1257126
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 16
Archive plugins 42
Unpack plugins 7
E-mail plugins 6
System plugins 5
Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes
Scanned File Status
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006 Detected with: Adware.Navipromo.BZM
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0006 Deleted
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g) Update failed
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Detected with: Adware.Navipromo.BZM
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g)=>lzma_solid_nsis0002 Deleted
C:\Documents and Settings\philippe\Local Settings\Temp\pack.epk=>(NSIS 2g)=>lzma_solid_nsis0014=>(NSIS g) Update failed
C:\Documents and Settings\philippe\Mes documents\mise a jour\devcpp4\SpywareSecure_trial_setup.exe=>(NSIS o) Detected with: Adware.SpywareSecure.B
C:\Documents and Settings\philippe\Mes documents\mise a jour\devcpp4\SpywareSecure_trial_setup.exe=>(NSIS o) Deleted
C:\Documents and Settings\philippe\Mes documents\mise a jour\devcpp4\SpywareSecure_trial_setup.exe Update failed
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220772.dll Detected with: Adware.Toolbar.Searchit.F
C:\System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220772.dll Deleted
Ok maintenant fais ceci:
Défragmenter le disque dur:
*Pour l'exécuter, cliquez sur le bouton Démarrer, sur Tous les programmes, sur Accessoires, Outils systèmes puis sur Défragmenteur de disque.
*Cliquez sur le bouton Analyser. Le logiciel examine alors votre disque dur.
*Cliquez sur le bouton Afficher le rapport. (enregistre le et poste le moi stp) (que si tu as XP).
*Cliquez sur le bouton Défragmenter.
Défragmenter le disque dur:
*Pour l'exécuter, cliquez sur le bouton Démarrer, sur Tous les programmes, sur Accessoires, Outils systèmes puis sur Défragmenteur de disque.
*Cliquez sur le bouton Analyser. Le logiciel examine alors votre disque dur.
*Cliquez sur le bouton Afficher le rapport. (enregistre le et poste le moi stp) (que si tu as XP).
*Cliquez sur le bouton Défragmenter.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
bonjour,
j'avais défrgmenté il y a qq jours.
voila donc le rapport et je redefragmente tout de suite
A+ et merci
Volume (C:)
Taille du volume = 76,32 Go
Taille de cluster = 4 Ko
Espace utilisé = 11,63 Go
Espace libre = 64,69 Go
Pourcentage d'espace libre = 84 %
Fragmentation du volume
Fragmentation totale = 1 %
Fragmentation de fichiers = 3 %
Fragmentation de l'espace libre = 0 %
Fragmentation de fichiers
Total de fichiers = 54 372
Taille moyenne de fichier = 293 Ko
Total de fichiers fragmentés = 1 041
Total de fragments en trop = 4 110
Nombre moyen de fragments par fichier = 1,07
Fragmentation du fichier paginé
Taille du fichier paginé = 384 Mo
Total de fragments = 1
Fragmentation de dossier
Total de dossiers = 5 389
Dossiers fragmentés = 9
Fragments de dossiers en trop = 98
Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 81 Mo
Nombre d'enregistrements dans la MFT = 60 033
Pourcentage d'utilisation de la MFT = 72 %
Total de fragments dans la MFT = 2
--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers les plus fragmentés
134 8 Mo \WINDOWS\PCHEALTH\HELPCTR\DataColl\CollectedData_1634.xml
110 7 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223901.rbf
103 6 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP281\A0223870.exe
90 6 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224186.rbf
88 144 Mo \Documents and Settings\philippe\Local Settings\Application Data\Google\GoogleEarth\dbCache.dat
87 5 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220495.rbf
84 5 Mo \Documents and Settings\philippe\Mes documents\Money Sauvegarde.mbf
72 5 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225541.exe
57 4 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220505.rbf
47 8 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP285\snapshot\Repository\FS\OBJECTS.DATA
46 12 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223890.rbf
43 45 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP279\A0220802.msi
43 3 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223948.msi
43 45 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224217.rbf
39 184 Ko \WINDOWS\BDOSCAN8\plugins
37 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223900.rbf
36 4 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224463.msi
35 1 Ko \Documents and Settings\philippe\ntuser.dat.LOG
34 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225626.dll
29 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225848.exe
28 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225732.dll
28 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223927.rbf
28 6 Mo \WINDOWS\BDOSCAN8\plugins\emalware.cvd
27 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220499.rbf
26 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220515.rbf
26 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220503.rbf
25 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP283\A0223951.rbf
24 1 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220501.rbf
24 1 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP283\A0223988.msi
24 1 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224194.rbf
j'avais défrgmenté il y a qq jours.
voila donc le rapport et je redefragmente tout de suite
A+ et merci
Volume (C:)
Taille du volume = 76,32 Go
Taille de cluster = 4 Ko
Espace utilisé = 11,63 Go
Espace libre = 64,69 Go
Pourcentage d'espace libre = 84 %
Fragmentation du volume
Fragmentation totale = 1 %
Fragmentation de fichiers = 3 %
Fragmentation de l'espace libre = 0 %
Fragmentation de fichiers
Total de fichiers = 54 372
Taille moyenne de fichier = 293 Ko
Total de fichiers fragmentés = 1 041
Total de fragments en trop = 4 110
Nombre moyen de fragments par fichier = 1,07
Fragmentation du fichier paginé
Taille du fichier paginé = 384 Mo
Total de fragments = 1
Fragmentation de dossier
Total de dossiers = 5 389
Dossiers fragmentés = 9
Fragments de dossiers en trop = 98
Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 81 Mo
Nombre d'enregistrements dans la MFT = 60 033
Pourcentage d'utilisation de la MFT = 72 %
Total de fragments dans la MFT = 2
--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers les plus fragmentés
134 8 Mo \WINDOWS\PCHEALTH\HELPCTR\DataColl\CollectedData_1634.xml
110 7 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223901.rbf
103 6 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP281\A0223870.exe
90 6 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224186.rbf
88 144 Mo \Documents and Settings\philippe\Local Settings\Application Data\Google\GoogleEarth\dbCache.dat
87 5 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220495.rbf
84 5 Mo \Documents and Settings\philippe\Mes documents\Money Sauvegarde.mbf
72 5 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225541.exe
57 4 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220505.rbf
47 8 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP285\snapshot\Repository\FS\OBJECTS.DATA
46 12 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223890.rbf
43 45 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP279\A0220802.msi
43 3 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223948.msi
43 45 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224217.rbf
39 184 Ko \WINDOWS\BDOSCAN8\plugins
37 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223900.rbf
36 4 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224463.msi
35 1 Ko \Documents and Settings\philippe\ntuser.dat.LOG
34 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225626.dll
29 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225848.exe
28 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0225732.dll
28 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP282\A0223927.rbf
28 6 Mo \WINDOWS\BDOSCAN8\plugins\emalware.cvd
27 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220499.rbf
26 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220515.rbf
26 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220503.rbf
25 2 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP283\A0223951.rbf
24 1 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP278\A0220501.rbf
24 1 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP283\A0223988.msi
24 1 Mo \System Volume Information\_restore{D8B5F8D6-6FBC-4117-BB23-33BF887BC52A}\RP284\A0224194.rbf
defragmentetion terminée, voila le rapport
Volume (C:)
Taille du volume = 76,32 Go
Taille de cluster = 4 Ko
Espace utilisé = 11,63 Go
Espace libre = 64,69 Go
Pourcentage d'espace libre = 84 %
Fragmentation du volume
Fragmentation totale = 0 %
Fragmentation de fichiers = 0 %
Fragmentation de l'espace libre = 0 %
Fragmentation de fichiers
Total de fichiers = 54 373
Taille moyenne de fichier = 293 Ko
Total de fichiers fragmentés = 0
Total de fragments en trop = 0
Nombre moyen de fragments par fichier = 1,00
Fragmentation du fichier paginé
Taille du fichier paginé = 384 Mo
Total de fragments = 1
Fragmentation de dossier
Total de dossiers = 5 389
Dossiers fragmentés = 1
Fragments de dossiers en trop = 0
Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 81 Mo
Nombre d'enregistrements dans la MFT = 60 034
Pourcentage d'utilisation de la MFT = 72 %
Total de fragments dans la MFT = 2
--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers qui ne peuvent pas être défragmentés
Aucun
Volume (C:)
Taille du volume = 76,32 Go
Taille de cluster = 4 Ko
Espace utilisé = 11,63 Go
Espace libre = 64,69 Go
Pourcentage d'espace libre = 84 %
Fragmentation du volume
Fragmentation totale = 0 %
Fragmentation de fichiers = 0 %
Fragmentation de l'espace libre = 0 %
Fragmentation de fichiers
Total de fichiers = 54 373
Taille moyenne de fichier = 293 Ko
Total de fichiers fragmentés = 0
Total de fragments en trop = 0
Nombre moyen de fragments par fichier = 1,00
Fragmentation du fichier paginé
Taille du fichier paginé = 384 Mo
Total de fragments = 1
Fragmentation de dossier
Total de dossiers = 5 389
Dossiers fragmentés = 1
Fragments de dossiers en trop = 0
Fragmentation de la table de fichiers principale (MFT)
Taille totale de la MFT = 81 Mo
Nombre d'enregistrements dans la MFT = 60 034
Pourcentage d'utilisation de la MFT = 72 %
Total de fragments dans la MFT = 2
--------------------------------------------------------------------------------
Fragments Taille du fichierFichiers qui ne peuvent pas être défragmentés
Aucun
*Ok ouvre "Ccleaner" vas dans l'onglet "Option" puis "Avancé" puis décoches "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures.". Puis vas dans l'onglet "Nettoyeur" fais "Analyse" puis "Lancer le nettoyage". Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée". Tu refais tous ca 4-5 fois (le nettoyage et le registre).
*Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
*Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
Puis vas dans l'onglet "Nettoyeur" fais "Analyse" puis "Lancer le nettoyage". Puis vas dans l'onglet "Registre" puis fait "Chercher des erreurs" puis "Réparer les erreurs sélectionnée". Tu refais tous ca 4-5 fois (le nettoyage et le registre).
*Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
*Puis reste dans "Ccleaner" puis va dans "Option" puis "Propriété" puis coches "Nettoyer automatiquement l'ordinateur au démarrage".
vois tu autre chose a faire
Mode sans Echec:
Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
Sélectionner "Mode sans échec" et appuie sur [Entrée]
Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
PS: JE TE CONSEILLE D'ENREGISTRER CE MESSAGE DANS TON BUREAU OU CAS OU.
ca fait 2 jours que je tente de rentrer ds le mode sans echec et je n'y arrive pas
je me trouve nul et je viens de realiser que mon clavier est cordless et ne prend la main que sous windows
vois tu une manip pour m'en sortir
merci