|
Informations |
Messages |
|
lenzo
15 messages
Barrette de RAM
|
 Le 23 Janvier 2011 à 19h45
Bonjour, je viens de faire un scan avec hijackthis, merci de me dire ce que vous pensez du resultat.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:55, on 23/01/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\jureg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kiwee Toolbar\3.2\kwtbaim.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Users\lenzo\binternet.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\lenzo\binternet.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\lenzo\Desktop\bouana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.cherche.us/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: agihelper.AGUtils - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - mscoree.dll (file missing)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: pc gear fr Toolbar - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} - C:\Program Files\pc_gear_fr\tbpc_g.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: agihelper.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: pc gear fr - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} - C:\Program Files\pc_gear_fr\tbpc_g.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Kiwee Toolbar - {1c99b848-84cb-4ce4-8cd8-ed5719484d9f} - mscoree.dll (file missing)
O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: pc gear fr Toolbar - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} - C:\Program Files\pc_gear_fr\tbpc_g.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\3.2\kwtbaim.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [binternet] C:\Users\lenzo\binternet.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: binternet.lnk = C:\Users\lenzo\binternet.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\lenzo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Recherche avec cherche.us - C:\Users\lenzo\scriptjava.html
O9 - Extra button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O15 - Trusted Zone: http://www.bitdefender.fr
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader4.cab?20080925093035
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 21073 bytes
|
| |
|
|
|
|
Winx
19828 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
En ligne
|
Le 23 Janvier 2011 à 20h18
Salut à toi et bienvenue, 
Afin de nous éclairer sur la nature précise de tes soucis "infectieux", ( ou pas ? )
dans un premier temps fais cette procédure et poste le rapport généré par Random's system information tool (RSIT) par
random/random
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
- Poste le contenu de log.txt (<<qui sera affiché)
ainsi que info.txt (<<qui sera réduit dans la Barre des Tâches).
// ! Important !
=======================
Citation Durant la phase de désinfection, il est absolument indispensable et primordial de ne pas rajouter de programmes à votre PC, afin de ne pas perturber la décontamination de votre machine. Faites-en un usage minimum durant cette phase.
D'autre part, ne pas utiliser d'outil(s) de décontamination de sa propre initiative, cela peut définitivement nuire à notre travail et au bon rétablissement de la machine.
C'est à la mode en ce moment, d'utiliser des outils comme Combofix sans autorisation !
C'est ABSOLUMENT proscrit ici sur ce Forum.
Il est évident qu'un PC infecté peut tout à fait devenir inutilisable malgré la tentative de désinfection, et de ce fait prendre la précaution de sauvegarder tous ses documents personnels, c'est une très bonne idée en soi....merci de prendre ça en considération 
Il est évident que je considère que l'option formatage et/ou une restauration du Système ne fait pas actuellement partie de ton intention, ce qui m'évite de perdre du temps.... merci d'avance
Ps:
======
Conseil d'ordre général
---->> Aller sur le Net avec Windows Internet Explorer, n'est pas souhaitable.
Pour vous en convaincre, un petit test de votre navigateur 
Comparez-donc Windows Internet Explorer avec Mozilla-Firefox (ce dernier devrait atteindre les 92 )
Quand à Windows Internet Explorer, j'en laisse la surprise...
Toutefois, ce qui ne veut pas dire que Windows Internet Explorer, ne doit pas être à jour ! (vérifier que vous avez la dernière version ! )
Télécharger Mozilla-Firefox 3.0. X. (le X représente évidemment la dernière version ) et le mettre à l'install comme Navigateur par défaut.
lien ici
-->source ici de conseils
Eviter à tous prix de poster dans plusieurs Forum à la fois...pas de multi-postage donc !
Poster les 2 rapports demandés (log.txt et info.txt)
En cas de fichier trop gros, suffit de le diviser sur deux réponses, ou plus.....
PS:
si tu ne peux pas télécharger en direct avec la machine infectée, il est évident qu'il faut faire usage, d'une carte SD ou clé usb via un autre PC. |
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
lenzo
15 messages
Barrette de RAM
|
Le 23 Janvier 2011 à 22h22
Salut, j' ai ma boite hotmail qui envoie des mails tous seuls a mes contact, je poste le rapport des que j' ai téléchargé le programme
|
| |
|
|
|
|
lenzo
15 messages
Barrette de RAM
|
Le 23 Janvier 2011 à 22h26
voila le resultata du log :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:55, on 23/01/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\jureg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kiwee Toolbar\3.2\kwtbaim.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Users\lenzo\binternet.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\lenzo\binternet.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\lenzo\Desktop\bouana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.cherche.us/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.cherche.us
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.cherche.us
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: agihelper.AGUtils - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - mscoree.dll (file missing)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
R3 - URLSearchHook: pc gear fr Toolbar - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} - C:\Program Files\pc_gear_fr\tbpc_g.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: agihelper.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: pc gear fr - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} - C:\Program Files\pc_gear_fr\tbpc_g.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Kiwee Toolbar - {1c99b848-84cb-4ce4-8cd8-ed5719484d9f} - mscoree.dll (file missing)
O3 - Toolbar: Eazel-FR Toolbar - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files\Eazel-FR\tbEaze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: pc gear fr Toolbar - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} - C:\Program Files\pc_gear_fr\tbpc_g.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\3.2\kwtbaim.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [binternet] C:\Users\lenzo\binternet.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: binternet.lnk = C:\Users\lenzo\binternet.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\lenzo\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O8 - Extra context menu item: Recherche avec cherche.us - C:\Users\lenzo\scriptjava.html
O9 - Extra button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Programs\PMU\PMUPoker\RunApp.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O15 - Trusted Zone: http://www.bitdefender.fr
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/framework/lib/objimageuploader/html_include/5.1.1.0/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4} (PhotoBox uploader) - http://assets.photobox.com/assets/aurigma/ImageUploader4.cab?20080925093035
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 21073 bytes
|
| |
|
|
|
|
Winx
19828 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
En ligne
|
Le 24 Janvier 2011 à 09h39
hello,
en effet quelques belles infections ( infections BT et autres petites joyeusetés ) dans cette machine,
mais rien qui ne soit pas éradicable 
Fais ceci,
* Désactive ton Antivirus pour le moment.
* Télécharge Ad-Remover (de C_XX) sur le bureau.
* /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
* Double clic sur le programme pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Scanner"
* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)
ensuite tu feras ceci:
Passons à la suppression:
-----------------------------------------------------------
* Double clic sur le programme Ad-Remover pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Nettoyer"
* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)
donc je voudrais voir, deux rapports.
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
lenzo
15 messages
Barrette de RAM
|
Le 25 Janvier 2011 à 03h36
Voila le resultat du netoyage de ad remover :
.
======= RAPPORT D'AD-REMOVER 1.1.4.5 | UNIQUEMENT XP/VISTA =======
.
Mit à jour part C_XX le 31/05/2009 à 18:30
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 19:50:57, 31/05/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® ™ Home Premium Service Pack 1 v6.0.6001
Nom du PC: PC-DE-LENZO
.
Administrateur: Administrateur *Desactive*
N'est pas administrateur: Invité *Desactive*
N'est pas administrateur: IUSR_NMPR
Administrateur: lenzo
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKCU\Software\Grand Virtual
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Everest Casino
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Softwarehelper
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AskTBar Uninstall
HKLM\Software\Classes\CLSID\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}
HKLM\Software\Classes\CLSID\{FE063DBB-4EC0-403e-8DD8-394C54984B2C}
.
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Casino\Everest Casino.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Casino\Uninstall Everest Casino.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Casino
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker\Everest Poker.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker\Uninstall Everest Poker.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Everest Poker
C:\Users\lenzo\AppData\Roaming\EoRezo\cmhost.cyp
C:\Users\lenzo\AppData\Roaming\EoRezo\ConfMedia.cyp
C:\Users\lenzo\AppData\Roaming\EoRezo\db
C:\Users\lenzo\AppData\Roaming\EoRezo\eoDesktop
C:\Users\lenzo\AppData\Roaming\EoRezo\eoStats
C:\Users\lenzo\AppData\Roaming\EoRezo\host.cyp
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate
C:\Users\lenzo\AppData\Roaming\EoRezo\user.cyp
C:\Users\lenzo\AppData\Roaming\EoRezo\eoDesktop\config.xml
C:\Users\lenzo\AppData\Roaming\EoRezo\eoDesktop\eoDesktop.html
C:\Users\lenzo\AppData\Roaming\EoRezo\eoDesktop\userConfig.xml
C:\Users\lenzo\AppData\Roaming\EoRezo\eoStats\eoStats.txt
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\Download
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\help_config.cyp
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\Software
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.dat
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\user_config.cyp
C:\Users\lenzo\AppData\Roaming\EoRezo\SoftwareUpdate\user_profil.cyp
C:\Users\lenzo\AppData\Roaming\EoRezo
C:\Program Files\EoRezo\ConfMedia.cyp
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\EoRezo\eoEngine.url
C:\Program Files\EoRezo\EoMultiLanguage.dll
C:\Program Files\EoRezo\EoRezoComm.dll
C:\Program Files\EoRezo\EoRezoImg_17.dll
C:\Program Files\EoRezo\EoRezoImg_19.dll
C:\Program Files\EoRezo\EoRezoImg_20.dll
C:\Program Files\EoRezo\EoRezoImg_21.dll
C:\Program Files\EoRezo\EoRezoImg_22.dll
C:\Program Files\EoRezo\EoRezoImg_23.dll
C:\Program Files\EoRezo\EoRezoTools_16.dll
C:\Program Files\EoRezo\EoRezoTools_17.dll
C:\Program Files\EoRezo\EoRezoTools_18.dll
C:\Program Files\EoRezo\EoRezoTools_20.dll
C:\Program Files\EoRezo\EoRezoTools_21.dll
C:\Program Files\EoRezo\EoRezoTools_26.dll
C:\Program Files\EoRezo\EoRezoTools_27.dll
C:\Program Files\EoRezo\EoRezoTools_28.dll
C:\Program Files\EoRezo\EoRezoTools_29.dll
C:\Program Files\EoRezo\EoRezoTools_30.dll
C:\Program Files\EoRezo\FreeImage.dll
C:\Program Files\EoRezo\Host.cyp
C:\Program Files\EoRezo\lang
C:\Program Files\EoRezo\MngInstaller.dll
C:\Program Files\EoRezo\unins000.dat
C:\Program Files\EoRezo\unins000.exe
C:\Program Files\EoRezo\user.cyp
C:\Program Files\EoRezo\EoAdv\atl90.dll
C:\Program Files\EoRezo\EoAdv\EoAdv.dll
C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
C:\Program Files\EoRezo\EoAdv\mfc90.dll
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.ATL.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.CRT.manifest
C:\Program Files\EoRezo\EoAdv\Microsoft.VC90.MFC.manifest
C:\Program Files\EoRezo\EoAdv\msvcr90.dll
C:\Program Files\EoRezo\lang\ihm_eoclock.xml
C:\Program Files\EoRezo\lang\ihm_eoengine.xml
C:\Program Files\EoRezo\lang\ihm_eonet.xml
C:\Program Files\EoRezo\lang\ihm_eorezotools.xml
C:\Program Files\EoRezo\lang\ihm_eosudoku.xml
C:\Program Files\EoRezo\lang\ihm_eoweather.xml
C:\Program Files\EoRezo\lang\lang_en.xml
C:\Program Files\EoRezo\lang\lang_es.xml
C:\Program Files\EoRezo\lang\lang_fr.xml
C:\Program Files\EoRezo\lang\lang_it.xml
C:\Program Files\EoRezo
C:\Program Files\Everest Casino\build
C:\Program Files\Everest Casino\casino.exe
C:\Program Files\Everest Casino\commlib.dll
C:\Program Files\Everest Casino\cstart.exe
C:\Program Files\Everest Casino\data
C:\Program Files\Everest Casino\Everest Casino.exe
C:\Program Files\Everest Casino\floor.dll
C:\Program Files\Everest Casino\gvbase.dll
C:\Program Files\Everest Casino\gvcrt.dll
C:\Program Files\Everest Casino\gvgfx.dll
C:\Program Files\Everest Casino\gvmain.dll
C:\Program Files\Everest Casino\gvmain.exe
C:\Program Files\Everest Casino\gvnetwork.dll
C:\Program Files\Everest Casino\gvsound.dll
C:\Program Files\Everest Casino\init.ini
C:\Program Files\Everest Casino\log.dat
C:\Program Files\Everest Casino\roulette.dll
C:\Program Files\Everest Casino\settings.ini
C:\Program Files\Everest Casino\toc_fr.ini
C:\Program Files\Everest Casino\var
C:\Program Files\Everest Casino\vslots.dll
C:\Program Files\Everest Casino\build\updateserver
C:\Program Files\Everest Casino\build\updateserver\ec
C:\Program Files\Everest Casino\build\updateserver\fr
C:\Program Files\Everest Casino\build\updateserver\ec\cstart_back.jpg
C:\Program Files\Everest Casino\build\updateserver\fr\inistrings.txt
C:\Program Files\Everest Casino\data\casino
C:\Program Files\Everest Casino\data\cpanel
C:\Program Files\Everest Casino\data\floor
C:\Program Files\Everest Casino\data\roulette
C:\Program Files\Everest Casino\data\roulette_am
C:\Program Files\Everest Casino\data\shared
C:\Program Files\Everest Casino\data\startup
C:\Program Files\Everest Casino\data\vslots
C:\Program Files\Everest Casino\data\vslots_fairytale15
C:\Program Files\Everest Casino\data\casino\fr.gvt
C:\Program Files\Everest Casino\data\casino\shared.gvt
C:\Program Files\Everest Casino\data\cpanel\fr.gvt
C:\Program Files\Everest Casino\data\cpanel\shared.gvt
C:\Program Files\Everest Casino\data\floor\ec.gvt
C:\Program Files\Everest Casino\data\floor\fr.gvt
C:\Program Files\Everest Casino\data\floor\shared.gvt
C:\Program Files\Everest Casino\data\roulette\fr.gvt
C:\Program Files\Everest Casino\data\roulette\shared.gvt
C:\Program Files\Everest Casino\data\roulette_am\fr.gvt
C:\Program Files\Everest Casino\data\roulette_am\shared.gvt
C:\Program Files\Everest Casino\data\shared\fr
C:\Program Files\Everest Casino\data\shared\shared
C:\Program Files\Everest Casino\data\shared\fr\numbers
C:\Program Files\Everest Casino\data\shared\fr\ordinal.txt
C:\Program Files\Everest Casino\data\shared\fr\voices
C:\Program Files\Everest Casino\data\shared\fr\numbers\0.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\1.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\10.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\11.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\12.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\13.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\14.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\15.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\16.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\17.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\18.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\19.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\2.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\20.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\21.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\22.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\23.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\24.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\25.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\26.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\27.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\28.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\29.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\3.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\30.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\31.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\32.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\33.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\34.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\35.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\36.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\4.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\5.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\6.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\7.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\8.ogg
C:\Program Files\Everest Casino\data\shared\fr\numbers\9.ogg
C:\Program Files\Everest Casino\data\shared\fr\voices\bets_1.ogg
C:\Program Files\Everest Casino\data\shared\fr\voices\bets_2.ogg
C:\Program Files\Everest Casino\data\shared\fr\voices\bets_3.ogg
C:\Program Files\Everest Casino\data\shared\fr\voices\no_bets_1.ogg
C:\Program Files\Everest Casino\data\shared\fr\voices\plr_wins_1.ogg
C:\Program Files\Everest Casino\data\shared\fr\voices\plr_wins_2.ogg
C:\Program Files\Everest Casino\data\shared\fr\voices\plr_wins_3.ogg
C:\Program Files\Everest Casino\data\shared\shared\bitmaps
C:\Program Files\Everest Casino\data\shared\shared\paths.txt
C:\Program Files\Everest Casino\data\shared\shared\sounds
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_10.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_100.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_1000.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_10000.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_20.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_25.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_2500.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_50.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_500.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_chip_al.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_10.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_100.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_1000.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_10000.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_20.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_25.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_2500.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_50.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\btn_fun_chip_500.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cards.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\check.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\chips.art
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor10.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor100.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor1000.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor10000.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor10000_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor1000_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor100_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor10_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor20.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor20_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor25.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor2500.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor2500_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor25_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor50.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor500.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor500_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\cursor50_fun.cur
C:\Program Files\Everest Casino\data\shared\shared\bitmaps\fun_chips.art
C:\Program Files\Everest Casino\data\shared\shared\sounds\button.ogg
C:\Program Files\Everest Casino\data\shared\shared\sounds\carddeal.ogg
C:\Program Files\Everest Casino\data\shared\shared\sounds\cardflip.ogg
C:\Program Files\Everest Casino\data\shared\shared\sounds\chipclick.ogg
C:\Program Files\Everest Casino\data\startup\ec
C:\Program Files\Everest Casino\data\startup\en
C:\Program Files\Everest Casino\data\startup\fr
C:\Program Files\Everest Casino\data\startup\shared
C:\Program Files\Everest Casino\data\startup\ec\fr
C:\Program Files\Everest Casino\data\startup\ec\fr\splash.art
C:\Program Files\Everest Casino\data\startup\en\startup_strings.txt
C:\Program Files\Everest Casino\data\startup\fr\cstart.txt
C:\Program Files\Everest Casino\data\startup\fr\startup_strings.txt
C:\Program Files\Everest Casino\data\startup\shared\icons
C:\Program Files\Everest Casino\data\startup\shared\paths.txt
C:\Program Files\Everest Casino\data\startup\shared\settings_paths.txt
C:\Program Files\Everest Casino\data\startup\shared\sounds
C:\Program Files\Everest Casino\data\startup\shared\icons\ec.ico
C:\Program Files\Everest Casino\data\startup\shared\icons\uninstall.ico
C:\Program Files\Everest Casino\data\startup\shared\sounds\alert.ogg
C:\Program Files\Everest Casino\data\vslots\fr.gvt
C:\Program Files\Everest Casino\data\vslots\shared.gvt
C:\Program Files\Everest Casino\data\vslots_fairytale15\fr.gvt
C:\Program Files\Everest Casino\data\vslots_fairytale15\shared.gvt
C:\Program Files\Everest Casino\var\ec
C:\Program Files\Everest Casino\var\precachePromo.bin
C:\Program Files\Everest Casino\var\screenshots
C:\Program Files\Everest Casino\var\ec\3172183371.bin
C:\Program Files\Everest Casino\var\ec\3966282705.bin
C:\Program Files\Everest Casino\var\ec\445186126.bin
C:\Program Files\Everest Casino\var\ec\831528524.bin
C:\Program Files\Everest Casino\var\screenshots\ecfr_pvp_jacks.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_roulette_fr300.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_roulette_lv300.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_sl_at.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_sl_bollywood.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_sl_faerietale.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_sl_fashion.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_sl_olympians.jpg
C:\Program Files\Everest Casino\var\screenshots\ecfr_sol_casino_3.jpg
C:\Program Files\Everest Casino
C:\Program Files\Everest Poker\casino.exe
C:\Program Files\Everest Poker\cstart-tmp.exe
C:\Program Files\Everest Poker\cstart.exe
C:\Program Files\Everest Poker\data
C:\Program Files\Everest Poker\Everest Poker.exe
C:\Program Files\Everest Poker\gvbase.dll
C:\Program Files\Everest Poker\gvcrt.dll
C:\Program Files\Everest Poker\gvgfx-dib.dll
C:\Program Files\Everest Poker\gvgfx.dll
C:\Program Files\Everest Poker\gvmain.dll
C:\Program Files\Everest Poker\gvmain.exe
C:\Program Files\Everest Poker\gvnetwork.dll
C:\Program Files\Everest Poker\gvsound.dll
C:\Program Files\Everest Poker\history
C:\Program Files\Everest Poker\init.ini
C:\Program Files\Everest Poker\log.dat
C:\Program Files\Everest Poker\settings.ini
C:\Program Files\Everest Poker\toc_fr.ini
C:\Program Files\Everest Poker\var
C:\Program Files\Everest Poker\data\cpanel
C:\Program Files\Everest Poker\data\fonts
C:\Program Files\Everest Poker\data\mp-lobby
C:\Program Files\Everest Poker\data\mp-poker
C:\Program Files\Everest Poker\data\shared
C:\Program Files\Everest Poker\data\startup
C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf
C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt
C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background
C:\Program Files\Everest Poker\data\mp-poker\fr
C:\Program Files\Everest Poker\data\mp-poker\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\hawaii.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt
C:\Program Files\Everest Poker\data\shared\fr
C:\Program Files\Everest Poker\data\shared\shared
C:\Program Files\Everest Poker\data\shared\fr\country.txt
C:\Program Files\Everest Poker\data\shared\fr\language.txt
C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps
C:\Program Files\Everest Poker\data\shared\shared\sounds
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
C:\Program Files\Everest Poker\data\startup\en
C:\Program Files\Everest Poker\data\startup\fr
C:\Program Files\Everest Poker\data\startup\shared
C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\fr\cstart.txt
C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\shared\bitmaps
C:\Program Files\Everest Poker\data\startup\shared\icons
C:\Program Files\Everest Poker\data\startup\shared\sounds
C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art
C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
C:\Program Files\Everest Poker\history\1.txt
C:\Program Files\Everest Poker\history\10.txt
C:\Program Files\Everest Poker\history\11.txt
C:\Program Files\Everest Poker\history\12.txt
C:\Program Files\Everest Poker\history\13.txt
C:\Program Files\Everest Poker\history\14.txt
C:\Program Files\Everest Poker\history\15.txt
C:\Program Files\Everest Poker\history\16.txt
C:\Program Files\Everest Poker\history\17.txt
C:\Program Files\Everest Poker\history\18.txt
C:\Program Files\Everest Poker\history\19.txt
C:\Program Files\Everest Poker\history\20.txt
C:\Program Files\Everest Poker\history\21.txt
C:\Program Files\Everest Poker\history\22.txt
C:\Program Files\Everest Poker\history\23.txt
C:\Program Files\Everest Poker\history\24.txt
C:\Program Files\Everest Poker\history\25.txt
C:\Program Files\Everest Poker\history\26.txt
C:\Program Files\Everest Poker\history\27.txt
C:\Program Files\Everest Poker\history\28.txt
C:\Program Files\Everest Poker\history\29.txt
C:\Program Files\Everest Poker\history\3.txt
C:\Program Files\Everest Poker\history\30.txt
C:\Program Files\Everest Poker\history\31.txt
C:\Program Files\Everest Poker\history\32.txt
C:\Program Files\Everest Poker\history\33.txt
C:\Program Files\Everest Poker\history\34.txt
C:\Program Files\Everest Poker\history\35.txt
C:\Program Files\Everest Poker\history\36.txt
C:\Program Files\Everest Poker\history\37.txt
C:\Program Files\Everest Poker\history\38.txt
C:\Program Files\Everest Poker\history\4.txt
C:\Program Files\Everest Poker\history\40.txt
C:\Program Files\Everest Poker\history\41.txt
C:\Program Files\Everest Poker\history\42.txt
C:\Program Files\Everest Poker\history\43.txt
C:\Program Files\Everest Poker\history\44.txt
C:\Program Files\Everest Poker\history\45.txt
C:\Program Files\Everest Poker\history\47.txt
C:\Program Files\Everest Poker\history\48.txt
C:\Program Files\Everest Poker\history\49.txt
C:\Program Files\Everest Poker\history\5.txt
C:\Program Files\Everest Poker\history\52.txt
C:\Program Files\Everest Poker\history\54.txt
C:\Program Files\Everest Poker\history\55.txt
C:\Program Files\Everest Poker\history\6.txt
C:\Program Files\Everest Poker\history\60.txt
C:\Program Files\Everest Poker\history\61.txt
C:\Program Files\Everest Poker\history\62.txt
C:\Program Files\Everest Poker\history\63.txt
C:\Program Files\Everest Poker\history\64.txt
C:\Program Files\Everest Poker\history\65.txt
C:\Program Files\Everest Poker\history\66.txt
C:\Program Files\Everest Poker\history\67.txt
C:\Program Files\Everest Poker\history\69.txt
C:\Program Files\Everest Poker\history\7.txt
C:\Program Files\Everest Poker\history\70.txt
C:\Program Files\Everest Poker\history\71.txt
C:\Program Files\Everest Poker\history\72.txt
C:\Program Files\Everest Poker\history\76.txt
C:\Program Files\Everest Poker\history\8.txt
C:\Program Files\Everest Poker\history\9.txt
C:\Program Files\Everest Poker\var\content-fr.dat
C:\Program Files\Everest Poker\var\Everest Casino.exe
C:\Program Files\Everest Poker
C:\Users\lenzo\AppData\Local\Temp\is-JMPHQ.tmp\EoRezo
C:\Windows\Prefetch\SOFTWAREUPDATEHP.EXE-74061834.pf
C:\Users\lenzo\AppData\Roaming\MICROS~1\Windows\Cookies\lenzo@ads.eorezo[2].txt
C:\Users\lenzo\AppData\Roaming\MICROS~1\Windows\Cookies\Low\lenzo@ads.eorezo[2].txt
C:\Users\lenzo\AppData\Roaming\MICROS~1\Windows\Cookies\lenzo@dl.eorezo[1].txt
C:\Users\lenzo\AppData\Roaming\MICROS~1\Windows\Cookies\lenzo@eorezo[1].txt
C:\Users\lenzo\AppData\Roaming\MICROS~1\Windows\Cookies\Low\lenzo@eorezo[1].txt
(!) -- Fichiers temporaires supprimés.
.
============== Scan additionnel ==============
.
.
.
* Internet Explorer Version 7.0.6001.18000 *
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
============== Suspect (Cracks, Serials ... ) ==============
.
+---------------------------------------------------------------------------+
25123 Octet(s) - C:\Ad-Report-CLEAN.log
18 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
167 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
Fin à: 20:02:55 | 31/05/2009
.
============== E.O.F ==============
.
|
| |
|
|
|
|
Winx
19828 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
En ligne
|
Le 25 Janvier 2011 à 10h47
re,
ça valait la peine.... 
Ensuite fais ceci:
Télécharge Malwarebytes' Anti-Malware (MBAM)
[*] Double clique sur le fichier téléchargé pour lancer le processus d'installation.
[*] Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
[*] Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
[*] Sélectionne "Exécuter un examen rapide"
[*] Clique sur "Rechercher"
[*] L'analyse démarre, le scan est relativement long, c'est normal.
[*] A la fin de l'analyse, un message s'affiche :
Citation L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
[*] Ferme tes navigateurs.
[*] Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
[*] MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.
ps:
--->aide visuelle sur Mbam ici
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
lenzo
15 messages
Barrette de RAM
|
Le 25 Janvier 2011 à 15h58
Voila le resultat de MAM:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4052
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18999
25/01/2011 15:57:15
mbam-log-2011-01-25 (15-57-15).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 137385
Temps écoulé: 7 minute(s), 11 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Recherche avec cherche.us (Redir.ChercheUs) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page_bak (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
|
| |
|
|
|
|
Winx
19828 messages
No-Life
AidoHardware
AidoAntivirus
AidoWindows
En ligne
|
Le 26 Janvier 2011 à 12h05
Fais ceci:
Fais un scan de ta machine avec Spybot-S&D©®
Rends-toi sur ce lien et télécharge l'utilitaire.
Installe-le et fais la mise à jour.
Toutefois être prudent à l'install, si nécessaire décocher toute installation de Yahoo Toolbars ( et compagnie ,ça devient une manie dans les gratuits d'auto installer ces bestioles !)
De plus, n'accepte pas l'installation de "Teatimer" .
Si par hasard tu l'as accepter, ce n'est pas dramatique fais ceci:
1) Désactive le Teatimer de Spybot
[*]Ouvre Spybot
[*]Rends-toi dans le menu Mode
[*]Coche la case Mode Avancé
[*]Clique sur Outils (tout en bas)
[*]Dans Résident, tu décoches la case Resident Teatimer
-----> L'icône doit être absente de la barre des tâches...
Tutoriel animé :
-->source ici
(merci Balltrap34 !)
|
| |
Je n'ai pas la prétention de résoudre les problèmes, mais celle de vous aider à les résoudre ;-)
|
|
|
|
Demander de l'aide
RSS
Profil
Les Pays-Bas inscrivent la neutralité du net dans la loi
Facebook Messenger: Plus besoin d'un navigateur web pour discuter sur le chat Facebook
Google Drive: Google lancerait bientôt un service de stockage en ligne
Un tiers des divorces en Angleterre seraient liés à Facebook
Des photos privées de Mark Zuckerberg dévoilées à cause d'une faille de sécurité Facebook
Rock-It 2.0 : un amplificateur à se mettre dans la poche
Google Chrome passe devant Firefox et devient le second navigateur mondial
Procurez vous le nouveau design de Youtube dès maintenant
Appelez vos amis Facebook via Skype - même s'ils n'ont pas Skype!
Impact des cyber-attaques sur le monde réel: Aux portes d'une guerre?
Nettoyer son ordinateur des fichiers temporaires et inutiles avec CCleaner
Achetez et vendez votre matériel multimédia d'occasion sur notre service de petites annonces informatiques gratuites
