Aller au contenu

erictus

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    42

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par erictus

  1. erictus

    update antivir

    erictus a répondu à un(e) sujet de erictus dans Mises à jour utilitaires

    merci Micky_mike' ça marche ! J'ai regardé le reg qu'est-ce que c'est cette correction du registre ?[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Shell Folders] "Common AppData"="C:\\ProgramData"
  2. erictus

    update antivir

    erictus a répondu à un(e) sujet de erictus dans Mises à jour utilitaires

    ok merci j'ai réussi la mise à jour manuelle mais celà ne me dit pas pourquoi la mise à jour automatique ou via le update ne marche pas !
  3. erictus

    update antivir

    erictus a répondu à un(e) sujet de erictus dans Mises à jour utilitaires

    salut il ne se passe rien
  4. erictus
    bonjour à toutes et tous le centre de sécurité Windows m'indique que antivir est peut-être obsolète et effectivement la mise à jour antivir ne s'effectue pas que faire ?
  5. erictus
    bonjour ça était long j'ai tout fait mais n'ai pas pu avoir le fichier navilog car au redémarage antivir c'est remis en route alors j'ai cliqué ignore trente six fois. Il semble qu'il ait bien nettoyé car j'ai refait un scan que voici suivi des résultats (vierges à par des cookies) de panda et kaspersy merci pour tout plus de de pubs mais apparemment adaware spybot et antivir ça suffit pas en fait antivir ne protège pas des fichiers téléchargé et des exe comme le faisait avast. Y a-t-il autre chose à faire pour se protéger ? ;******************************************************************************* ********************************************************************************* ******************* ANALYSIS: 2008-04-12 22:03:21 PROTECTIONS: 2 MALWARE: 27 SUSPECTS: 1 ;******************************************************************************* ********************************************************************************* ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================= =================== Symantec AntiVirus Corporate Edition 10.1.5.5000 No Yes Avira AntiVir PersonalEdition 7.0.0.2 No No ;=============================================================================== ================================================================================= =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================= =================== 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.doubleclick.net/] 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@doubleclick[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.atdmt.com/] 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@atdmt[1].txt 00139535 Application/Processor HackTools No 0 Yes No C:\Users\ARCHRO\Documents\smitfraudix\SmitfraudFix\Process.exe 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.tradedoubler.com/] 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.tradedoubler.com/] 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.tradedoubler.com/] 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@tradedoubler[1].txt 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.tradedoubler.com/] 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.tradedoubler.com/] 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.fastclick.net/] 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.fastclick.net/] 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.fastclick.net/] 00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.fastclick.net/] 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.revenue.net/] 00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.revenue.net/] 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@com[2].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.com.com/] 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.xiti.com/] 00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@xiti[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[ad.yieldmanager.com/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[ad.yieldmanager.com/] 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[ad.yieldmanager.com/] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.apmebf.com/] 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.apmebf.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.serving-sys.com/] 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.serving-sys.com/] 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.bs.serving-sys.com/] 00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.weborama.fr/] 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.adtech.de/] 00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@adtech[1].txt 00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[fl01.ct2.comclick.com/] 00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[fl01.ct2.comclick.com/] 00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[fl01.ct2.comclick.com/] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.advertising.com/] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.advertising.com/] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.advertising.com/] 00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.advertising.com/] 00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.overture.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.zedo.com/] 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.bluestreak.com/] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[searchportal.information.com/] 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@adviva[2].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.adviva.net/] 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.smartadserver.com/] 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.smartadserver.com/] 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.smartadserver.com/] 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@smartadserver[1].txt 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firefox\Profiles\zs5fvxzx.default\cookies.txt[.smartadserver.com/] 00517584 Application/SuperFast HackTools No 0 Yes No C:\Users\ARCHRO\Documents\smitfraudix\SmitfraudFix\restart.exe 02080235 Generic Malware Virus/Trojan No 0 Yes No C:\Users\ARCHRO\Downloads\eMule\Temp\010.part[ ------ CASINO - POKER on-line.exe] 02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Users\ARCHRO\Documents\smitfraudix\SmitfraudFix\Reboot.exe 02388619 Application/Webmediaplayer HackTools No 0 Yes No C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe 02897870 Adware/BaiduBar Adware No 0 Yes No C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe ;=============================================================================== ================================================================================= =================== SUSPECTS Sent Location N1{yH�M 3 ;=============================================================================== ================================================================================= =================== No C:\PROGRAM FILES\EUROBARRE\EB.EXE N1{yH�M 3 ;=============================================================================== ================================================================================= =================== VULNERABILITIES Id Severity Description N1{yH�M 3 ;=============================================================================== ================================================================================= =================== ;=============================================================================== ================================================================================= =================== scan panda Vous êtes infecté ! Nous avons détecté que la protection Symantec AntiVirus Corporate Edition de votre PC est désactivée et à jour Vous avez besoin d'une meilleure protection pour votre PC. Les solutions Panda vous protégeront contre plus de 3 millions de virus, logiciels espions et autres menaces. Enregistrez-vous gratuitement pour désinfecter virus, vers et chevaux de Troie. DEMO Exporter vers : Menaces avec désinfection gratuite (2) Niveau de risque moyen (1)Trj/Rebooter.JVirusLatent(e)Masquer+Infos 1. C:\Users\ARCHRO\Documents\smitfraudix\SmitfraudFix\Reboot.exe Niveau de risque faible (1)Generic Malwar...VirusLatent(e)Masquer+Infos 1. C:\Users\ARCHRO\Downloads\eMule\Temp\010.part... ------ CASINO - POKER on-line.exe] Seulement pour les utilisateurs enregistrés. Enregistrez-moi gratuitement - Je suis enregistré Menaces désinfectées avec la version payante (25) Niveau de risque faible (25)Adware/BaiduBa...Adware (logiciel publicitaire)Latent(e)Masquer+Infos 1. C:\Program Files\Maïdo Production\IziSpot 4\IziSpot.exe Cookie/XitiCookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...xzx.default\cookies.txt[.xiti.com/] 2. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@xiti[1].txt Cookie/ApmebfCookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...x.default\cookies.txt[.apmebf.com/] Application/Pr...Application de surveillanceLatent(e)Masquer+Infos 1. C:\Users\ARCHRO\Documents\smitfraudix\SmitfraudFix\Process.exe Cookie/Serving...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...t\cookies.txt[.bs.serving-sys.com/] Cookie/AdtechCookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@adtech[1].txt 2. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...zx.default\cookies.txt[.adtech.de/] Cookie/Smartad...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Win...Cookies\archro@smartadserver[1].txt 2. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...lt\cookies.txt[.smartadserver.com/] Cookie/Searchp...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef....txt[searchportal.information.com/] Cookie/ZedoCookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...xzx.default\cookies.txt[.zedo.com/] Cookie/Serving...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...ault\cookies.txt[.serving-sys.com/] Cookie/YieldMa...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...t\cookies.txt[ad.yieldmanager.com/] Cookie/Overtur...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...default\cookies.txt[.overture.com/] Cookie/Weboram...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef....default\cookies.txt[.weborama.fr/] Cookie/AdvivaCookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@adviva[2].txt 2. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...x.default\cookies.txt[.adviva.net/] Cookie/Tradedo...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...ult\cookies.txt[.tradedoubler.com/] 2. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Win...\Cookies\archro@tradedoubler[1].txt Cookie/Adverti...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...ault\cookies.txt[.advertising.com/] Cookie/Com.comCookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...vxzx.default\cookies.txt[.com.com/] 2. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@com[2].txt Cookie/FastCli...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...efault\cookies.txt[.fastclick.net/] Cookie/Atlas D...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...zx.default\cookies.txt[.atdmt.com/] 2. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\archro@atdmt[1].txt Cookie/Comclic...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...cookies.txt[fl01.ct2.comclick.com/] Cookie/WUpdCookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef....default\cookies.txt[.revenue.net/] Application/Su...Application de surveillanceLatent(e)Masquer+Infos 1. C:\Users\ARCHRO\Documents\smitfraudix\SmitfraudFix\restart.exe Cookie/Doublec...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...ault\cookies.txt[.doubleclick.net/] 2. C:\Users\ARCHRO\AppData\Roaming\Microsoft\Win...s\Cookies\archro@doubleclick[1].txt Cookie/Bluestr...Cookie de surveillanceLatent(e)Afficher+Infos 1. C:\Users\ARCHRO\AppData\Roaming\Mozilla\Firef...fault\cookies.txt[.bluestreak.com/] Application/We...Application de surveillanceLatent(e)Masquer+Infos 1. C:\Program Files\WebMediaPlayer\WebMediaPlayer.exe Uniquement disponible en version payante. Acheter - Je suis un client ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Sunday, April 13, 2008 9:08:56 AM Operating System: Microsoft Windows Vista Professional, (Build 6000) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 12/04/2008 Kaspersky Anti-Virus database records: 628600 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ Scan Statistics: Total number of scanned objects: 198275 Number of viruses found: 0 Number of infected objects: 0 Number of suspicious objects: 0 Duration of the scan process: 02:31:36 Infected Object Name / Virus Name / Last Action C:\Boot\BCD Object is locked skipped C:\Boot\BCD.LOG Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ibdata1 Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ib_logfile0 Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ib_logfile1 Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhasset.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhassetcacheitem.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhassetversioncacheitem.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhlabel.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhlabeltoversion.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhmessage.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpqentry.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishlog.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishserver.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishstateitem.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhresult.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhreview.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhreviewcomment.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhrole.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhschemaversion.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsequence.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhserverglobals.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsettings.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsettingssection.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhthumbnail.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhuser.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhuserrole.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhxmpmetadata.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhxmpproperty.ibd Object is locked skipped C:\Program Files\Adobe\Adobe Version Cue CS2\logs\VersionCue.log Object is locked skipped C:\Program Files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NAMES Object is locked skipped C:\Program Files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NAMES2 Object is locked skipped C:\Program Files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF Object is locked skipped C:\Program Files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF.ext Object is locked skipped C:\Program Files\Panda Security\ActiveScan 2.0\psqstore\PSQ.CFG Object is locked skipped C:\ProgramData\Dell\QuickSet\QSLLPSVCShare Object is locked skipped C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\47f350a8a5324bd68b3d2dabcbc54778_ced3b130-b47c-456b-9eea-7aa9a1806a1e Object is locked skipped C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\7f315e812ffd0a877ef958b7a14567e5_ced3b130-b47c-456b-9eea-7aa9a1806a1e Object is locked skipped C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\df7f7f6f50e524c31c7a4851b3921a5a_ced3b130-b47c-456b-9eea-7aa9a1806a1e Object is locked skipped C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e17459beeef013e01dbf6151b4b7cdbf_ced3b130-b47c-456b-9eea-7aa9a1806a1e Object is locked skipped C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.96.Crwl Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.96.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.ci Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wsb Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010013.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy1052.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1E0A.tmp Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf1E0B.tmp Object is locked skipped C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-11022006-050253.log Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\UsrClass.dat{1877cfdf-be8c-11dc-a769-001c23b0311d}.TM.blf Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\UsrClass.dat{1877cfdf-be8c-11dc-a769-001c23b0311d}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows\UsrClass.dat{1877cfdf-be8c-11dc-a769-001c23b0311d}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Users\ARCHRO\AppData\Local\Microsoft\Windows Defender\FileTracker\{3642F579-2CA4-4291-8216-2CBF52E11E8B} Object is locked skipped C:\Users\ARCHRO\AppData\Local\Temp\FXSAPIDebugLogFile.txt Object is locked skipped C:\Users\ARCHRO\AppData\Local\Temp\IMG9081.tmp Object is locked skipped C:\Users\ARCHRO\AppData\Local\Temp\IMG9F1.tmp Object is locked skipped C:\Users\ARCHRO\AppData\Local\Temp\~DF1C86.tmp Object is locked skipped C:\Users\ARCHRO\AppData\Local\Temp\~DF1C90.tmp Object is locked skipped C:\Users\ARCHRO\AppData\Local\Temp\~DF8FE9.tmp Object is locked skipped C:\Users\ARCHRO\AppData\Roaming\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped C:\Users\ARCHRO\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped C:\Users\ARCHRO\AppData\Roaming\Spamihilator\SPAC825.tmp.log Object is locked skipped C:\Users\ARCHRO\AppData\Roaming\Spamihilator\SPAC826.tmp.log Object is locked skipped C:\Users\ARCHRO\ntuser.dat Object is locked skipped C:\Users\ARCHRO\ntuser.dat.LOG1 Object is locked skipped C:\Users\ARCHRO\ntuser.dat.LOG2 Object is locked skipped C:\Users\ARCHRO\ntuser.dat{661c5796-0715-11dd-bc53-001c23b0311d}.TM.blf Object is locked skipped C:\Users\ARCHRO\ntuser.dat{661c5796-0715-11dd-bc53-001c23b0311d}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\ARCHRO\ntuser.dat{661c5796-0715-11dd-bc53-001c23b0311d}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\CSC\v2.0.6\pq Object is locked skipped C:\Windows\Debug\PASSWD.LOG Object is locked skipped C:\Windows\Debug\sam.log Object is locked skipped C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped C:\Windows\Logs\CBS\CBS.log Object is locked skipped C:\Windows\SchedLgU.Txt Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3d4e88e9-6a70-11db-b1ba-d64300c9c793}.TM.blf Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3d4e88e9-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3d4e88e9-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun-70-421CFC91-A93E-42AB-A35C-F06F127FCC44.lock Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun.log Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3d4e88e5-6a70-11db-b1ba-d64300c9c793}.TM.blf Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3d4e88e5-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3d4e88e5-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\SoftwareDistribution\DataStore\DataStore.edb Object is locked skipped C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log Object is locked skipped C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb Object is locked skipped C:\Windows\SoftwareDistribution\EventCache\{BD74E3A5-41F6-4717-B653-67A7D8DA6B29}.bin Object is locked skipped C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\catroot2\edb.log Object is locked skipped C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\config\COMPONENTS Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped C:\Windows\System32\config\DEFAULT Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped C:\Windows\System32\config\RegBack\SAM Object is locked skipped C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped C:\Windows\System32\config\SAM Object is locked skipped C:\Windows\System32\config\SAM.LOG1 Object is locked skipped C:\Windows\System32\config\SAM.LOG2 Object is locked skipped C:\Windows\System32\config\SECURITY Object is locked skipped C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped C:\Windows\System32\config\SOFTWARE Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped C:\Windows\System32\config\SYSTEM Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000003.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000004.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{661c577a-0715-11dd-bc53-001c23b0311d}.TxR.0.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{661c577a-0715-11dd-bc53-001c23b0311d}.TxR.1.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{661c577a-0715-11dd-bc53-001c23b0311d}.TxR.2.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{661c577a-0715-11dd-bc53-001c23b0311d}.TxR.blf Object is locked skipped C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped C:\Windows\System32\wbem\repository\INDEX.BTR Object is locked skipped C:\Windows\System32\wbem\repository\MAPPING1.MAP Object is locked skipped C:\Windows\System32\wbem\repository\MAPPING2.MAP Object is locked skipped C:\Windows\System32\wbem\repository\OBJECTS.DATA Object is locked skipped C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.003 Object is locked skipped C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped C:\Windows\Temp\hsperfdata_ERICTUS$\596 Object is locked skipped C:\Windows\Temp\ib17 Object is locked skipped C:\Windows\Temp\ib18 Object is locked skipped C:\Windows\Temp\ib19 Object is locked skipped C:\Windows\Temp\TMP0000006E41D0D40369CC15DE Object is locked skipped C:\Windows\WindowsUpdate.log Object is locked skipped D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.
  6. erictus
    salut pear voici Search Navipromo version 3.5.3 commencé le 12/04/2008 à 15:07:58,06 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "ARCHRO" Mise à jour le 09.04.2008 à 20h00 par IL-MAFIOSO Microsoft Windows Vista 6.0.6000 Internet Explorer : 7.0.6000.16643 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans C:\Windows *** *** Recherche dossiers dans C:\Program Files *** C:\Program Files\WebMediaPlayer trouvé ! *** Recherche dossiers dans C:\ProgramData *** *** Recherche dossiers dans C:\ProgramData\Microsoft\Windows\Start Menu\Programs *** ...\WebMediaPlayer trouvé ! *** Recherche dossiers dans c:\users\archro\appdata\roaming\microsoft\windows\start menu\programs *** *** Recherche dossiers dans C:\Users\ARCHRO\AppData\Local\virtualstore\Program Files *** *** Recherche dossiers dans C:\Users\ARCHRO\AppData\Roaming *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : C:\Users\ARCHRO\AppData\Local\xnstwtdip.dat C:\Users\ARCHRO\AppData\Local\xnstwtdip.exe C:\Users\ARCHRO\AppData\Local\xnstwtdip_nav.dat C:\Users\ARCHRO\AppData\Local\xnstwtdip_navps.dat *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\Windows\system32 * * Recherche dans C:\Users\ARCHRO\AppData\Local\Microsoft * * Recherche dans C:\Users\ARCHRO\AppData\Local * * Recherche dans "C:\Users\ADMINI~1\AppData\Local" * *** Recherche fichiers *** *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans C:\Windows\system32 : * Dans C:\Users\ARCHRO\AppData\Local\Microsoft : * Dans C:\Users\ARCHRO\AppData\Local : xnstwtdip.dat trouvé ! * Dans "C:\Users\ADMINI~1\AppData\Local" : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 12/04/2008 à 15:21:49,01 ***
  7. erictus
    bonjour à tous encore des fenetres pub intempestives puis le start update de antivir qui mache pas ça commence à devenir répétitif voici le rapport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:13:24, on 12/04/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\WLTRAY.EXE C:\Windows\sttray.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Apoint\HidFind.exe C:\Windows\System32\rundll32.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Eurobarre\eb.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\taskeng.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking9\Ereg.ini O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: AllChars.exe - Raccourci.lnk = C:\Program Files\allchars\AllChars.exe O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/...b?1152024248609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe O23 - Service: DameWare Mini Remote Control (DWMRCS) - Unknown owner - C:\WINDOWS\SYSTEM32\DWRCS.EXE (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program Files\Symantec AntiVirus\SavRoam.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 12883 bytes
  8. erictus
    résolu par restauration
  9. erictus
    bonjour au secours tous mes programmes ouvrent uniquement adobe reader en conséquence je vous joints depuis un autre ordinateur que faire ?
  10. erictus

    infection

    erictus a répondu à un(e) sujet de erictus dans Analyses et éradication malwares

    hello merci pour tout voici le nouveau rapport :P :P Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:23:07, on 08/04/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\WINDOWS\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\WLTRAY.EXE C:\Windows\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe C:\Program Files\Eurobarre\eb.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\wuauclt.exe C:\Program Files\FreeCommander\FreeCommander.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min/nosplash O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking9\Ereg.ini O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\Msconfig.exe" /auto O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: AllChars.exe - Raccourci.lnk = C:\Program Files\allchars\AllChars.exe O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/...b?1152024248609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe O23 - Service: DameWare Mini Remote Control (DWMRCS) - Unknown owner - C:\WINDOWS\SYSTEM32\DWRCS.EXE (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program Files\Symantec AntiVirus\SavRoam.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 13701 bytes
  11. erictus

    infection

    erictus a répondu à un(e) sujet de erictus dans Analyses et éradication malwares

    salut evasion "doctor" et merci concernant les antivirus : j'arrive pas a me debarasser de NAV (désinstallé nettoyage du registre, il est toujours là) pour le reste c'est fait voici le rapport amicalement Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:41:07, on 08/04/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\WINDOWS\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\rundll32.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe C:\Program Files\Eurobarre\eb.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\RegCleaner\RegCleanr.exe C:\PROGRA~1\MOZILL~2\FIREFOX.EXE C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NGClient] C:\Program Files\SYMANTEC\Ghost\ngctw32.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min/nosplash O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking9\Ereg.ini O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [intellibarre] C:\Users\ARCHRO\Documents\intellibarre0.976b.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: AllChars.exe - Raccourci.lnk = C:\Program Files\allchars\AllChars.exe O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/...b?1152024248609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Unknown owner - C:\Program Files\Symantec AntiVirus\DefWatch.exe (file missing) O23 - Service: DameWare Mini Remote Control (DWMRCS) - Unknown owner - C:\WINDOWS\SYSTEM32\DWRCS.EXE (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program Files\Symantec AntiVirus\SavRoam.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 14659 bytes
  12. erictus
    bonsoir je ne comprends pas ! j'ai installé antivir adaware et spybot et me voilà encore avec des fenetres intempestives que de temps perdu pour ces purée de malwares voici le rapport et merci pour votre aide Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:33:05, on 07/04/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\WINDOWS\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\WLTRAY.EXE C:\Windows\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Windows\System32\ctfmon.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Fast Launcher\fl.exe C:\Program Files\Skype\Phone\Skype.exe C:\Users\ARCHRO\AppData\Local\numtb.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Windows\System32\rundll32.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Eurobarre\eb.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NGClient] C:\Program Files\SYMANTEC\Ghost\ngctw32.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min/nosplash O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [spybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking9\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking9\Ereg.ini O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [FastLauncher] C:\Program Files\Fast Launcher\fl.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [numtb] c:\users\archro\appdata\local\numtb.exe numtb O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [intellibarre] C:\Users\ARCHRO\Documents\intellibarre0.976b.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: AllChars.exe - Raccourci.lnk = C:\Program Files\allchars\AllChars.exe O4 - Startup: Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O13 - Gopher Prefix: O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/...b?1152024248609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Unknown owner - C:\Program Files\Symantec AntiVirus\DefWatch.exe (file missing) O23 - Service: DameWare Mini Remote Control (DWMRCS) - Unknown owner - C:\WINDOWS\SYSTEM32\DWRCS.EXE (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program Files\Symantec AntiVirus\SavRoam.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 14646 bytes
  13. erictus

    rapport

    erictus a répondu à un(e) sujet de erictus dans Analyses et éradication malwares

    merci, j'ai presque tout fait panda marche pas (fenetre vide) kaspersky on line ne fonctionne pas avec vista les autres j'avais commencé mais c'était trop long je suis allé me coucher j'ai supprimé ce qui apparaissait dans l'analyse de spyware j'ai désinstallé avast au profit d'antivir (comme conseillé sur ce forum pour des histoires de réactivité) et je suis en train de faire un scan avec antivir et puis voilà les fenetres intempestives ont visiblement pour l'heure disparues merci pour tout erictus
  14. erictus

    rapport

    erictus a répondu à un(e) sujet de erictus dans Analyses et éradication malwares

    oui
  15. erictus

    rapport

    erictus a répondu à un(e) sujet de erictus dans Analyses et éradication malwares

    merci pour tous ces conseils à propos de "process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. http://www.beyondlogic.org/consulting/proc...sutil.htm" le lien est cassé à propos de norton il était installé dans l'ancienne configuration et comme j'ai installé par dessus vista pour conserver les logiciels présents, norton n'apparait plus dans le gestionnaire des logiciels donc pas de possibilité de le désinstaller je ne sais pas si tous les spywares sont supprimés cars fire fox continue à m'ouvrir des fenêtres intempestives (malgré adblock plus) voici les dernier rapports et je rajoute un HijackThis SmitFraudFix v2.308 Scan done at 21:02:57,61, 24/03/2008 Run from C:\Users\ARCHRO\Documents\smitfraudix\SmitfraudFix OS: Microsoft Windows [version 6.0.6000] - Windows_NT The filesystem type is NTFS Fix run in normal mode »»»»»»»»»»»»»»»»»»»»»»»» Process C:\Windows\system32\csrss.exe C:\WINDOWS\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\WINDOWS\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\SYSTEM32\DWRCS.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe C:\Windows\system32\svchost.exe C:\Windows\System32\snmp.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\taskeng.exe C:\WINDOWS\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe C:\Windows\System32\WLTRAY.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Fast Launcher\fl.exe C:\Program Files\Skype\Phone\Skype.exe C:\Users\ARCHRO\AppData\Local\vrloeuz.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\System32\rundll32.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\notepad.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\FreeCommander\FreeCommander.exe C:\WINDOWS\system32\cmd.exe C:\Windows\system32\wbem\wmiprvse.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Users\ARCHRO »»»»»»»»»»»»»»»»»»»»»»»» C:\Users\ARCHRO\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Start Menu »»»»»»»»»»»»»»»»»»»»»»»» C:\Users\ARCHRO\FAVORI~1 »»»»»»»»»»»»»»»»»»»»»»»» Desktop »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, following keys are not inevitably infected!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, following keys are not inevitably infected!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" "LoadAppInit_DLLs"=dword:00000001 »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\Windows\\system32\\userinit.exe," »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Carte réseau Broadcom 802.11g DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{475582FD-E154-4337-A192-380765C95E92}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CCS\Services\Tcpip\..\{4C9F8F8A-1760-4B73-B22D-8173BD0F22C4}: DhcpNameServer=10.81.1.5 10.0.1.5 10.0.1.6 HKLM\SYSTEM\CCS\Services\Tcpip\..\{8A14DB0B-C109-480E-9599-0BA0737105CF}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CCS\Services\Tcpip\..\{9BBDCC9C-5CB8-4551-B8B6-0254C47669C8}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{ECA5BED5-6B8B-4E7E-95B9-1A00C5086FF7}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CS1\Services\Tcpip\..\{475582FD-E154-4337-A192-380765C95E92}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CS1\Services\Tcpip\..\{4C9F8F8A-1760-4B73-B22D-8173BD0F22C4}: DhcpNameServer=10.81.1.5 10.0.1.5 10.0.1.6 HKLM\SYSTEM\CS1\Services\Tcpip\..\{8A14DB0B-C109-480E-9599-0BA0737105CF}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CS1\Services\Tcpip\..\{9BBDCC9C-5CB8-4551-B8B6-0254C47669C8}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{ECA5BED5-6B8B-4E7E-95B9-1A00C5086FF7}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CS3\Services\Tcpip\..\{475582FD-E154-4337-A192-380765C95E92}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CS3\Services\Tcpip\..\{4C9F8F8A-1760-4B73-B22D-8173BD0F22C4}: DhcpNameServer=10.81.1.5 10.0.1.5 10.0.1.6 HKLM\SYSTEM\CS3\Services\Tcpip\..\{8A14DB0B-C109-480E-9599-0BA0737105CF}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CS3\Services\Tcpip\..\{9BBDCC9C-5CB8-4551-B8B6-0254C47669C8}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{ECA5BED5-6B8B-4E7E-95B9-1A00C5086FF7}: DhcpNameServer=212.30.96.123 213.203.124.147 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection »»»»»»»»»»»»»»»»»»»»»»»» End Search Navipromo version 3.5.1 commencé le 24/03/2008 à 20:47:19,56 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!! Outil exécuté depuis C:\Program Files\navilog1 Session actuelle : "ARCHRO" Mise à jour le 23.03.2008 à 22h00 par IL-MAFIOSO Microsoft Windows Vista 6.0.6000 Internet Explorer : 7.0.6000.16609 Système de fichiers : NTFS Executé en mode normal *** Recherche Programmes installés *** *** Recherche dossiers dans C:\Windows *** *** Recherche dossiers dans C:\Program Files *** C:\Program Files\WebMediaPlayer trouvé ! *** Recherche dossiers dans C:\ProgramData *** *** Recherche dossiers dans C:\ProgramData\Microsoft\Windows\Start Menu\Programs *** ...\WebMediaPlayer trouvé ! *** Recherche dossiers dans c:\users\archro\appdata\roaming\microsoft\windows\start menu\programs *** *** Recherche dossiers dans C:\Users\ARCHRO\AppData\Local\virtualstore\Program Files *** *** Recherche dossiers dans C:\Users\ARCHRO\AppData\Roaming *** *** Recherche avec Catchme-rootkit/stealth malware detector par gmer *** pour + d'infos : http://www.gmer.net Fichier(s) caché(s) : C:\Users\ARCHRO\AppData\Local\vrloeuz.dat C:\Users\ARCHRO\AppData\Local\vrloeuz.exe C:\Users\ARCHRO\AppData\Local\vrloeuz_nav.dat C:\Users\ARCHRO\AppData\Local\vrloeuz_navps.dat *** Recherche avec GenericNaviSearch *** !!! Tous ces résultats peuvent révéler des fichiers légitimes !!! !!! A vérifier impérativement avant toute suppression manuelle !!! * Recherche dans C:\Windows\system32 * * Recherche dans C:\Users\ARCHRO\AppData\Local\Microsoft * * Recherche dans C:\Users\ARCHRO\AppData\Local * Fichiers suspects : vrloeuz.exe trouvé ! * Recherche dans "C:\Users\Administrateur\AppData\Local" * *** Recherche fichiers *** C:\Windows\system32\nvs2.inf trouvé ! *** Recherche clés spécifiques dans le Registre *** HKEY_CURRENT_USER\Software\Lanconfig trouvé ! *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche nouveaux fichiers Instant Access : 2)Recherche Heuristique : * Dans C:\Windows\system32 : DWRCS.EXE trouvé ! DWRCST.EXE trouvé ! * Dans C:\Users\ARCHRO\AppData\Local\Microsoft : * Dans C:\Users\ARCHRO\AppData\Local : * Dans C:\Users\Administrateur\AppData\Local : 3)Recherche Certificats : Certificat Egroup trouvé ! Certificat Electronic-Group trouvé ! Certificat OOO-Favorit trouvé ! Certificat Sunny-Day-Design-Ltd absent ! 4)Recherche fichiers connus : *** Analyse terminée le 24/03/2008 à 20:59:29,35 *** Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:13:51, on 24/03/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\WINDOWS\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe C:\Windows\System32\WLTRAY.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Fast Launcher\fl.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\System32\rundll32.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\notepad.exe C:\Program Files\FreeCommander\FreeCommander.exe C:\WINDOWS\system32\cmd.exe C:\Windows\notepad.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NGClient] C:\Program Files\SYMANTEC\Ghost\ngctw32.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [FastLauncher] C:\Program Files\Fast Launcher\fl.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: AllChars.exe - Raccourci.lnk = C:\Program Files\allchars\AllChars.exe O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O13 - Gopher Prefix: O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/...b?1152024248609 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Unknown owner - C:\Program Files\Symantec AntiVirus\DefWatch.exe (file missing) O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program Files\Symantec AntiVirus\SavRoam.exe (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: Symantec AntiVirus - Unknown owner - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 13414 bytes
  16. erictus

    rapport

    erictus a répondu à un(e) sujet de erictus dans Analyses et éradication malwares

    salut merci j'ai fixé ces lignes est-ce tout en fait je n'utilise pas symantec mais avast car plus performant pour les améliorations de vista merci du tuyau amicalement érictus voici un nouveau log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:53:19, on 23/03/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\WINDOWS\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\sttray.exe C:\Program Files\Apoint\HidFind.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Windows\System32\rundll32.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Windows\System32\ctfmon.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Fast Launcher\fl.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NGClient] C:\Program Files\SYMANTEC\Ghost\ngctw32.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [FastLauncher] C:\Program Files\Fast Launcher\fl.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: AllChars.exe - Raccourci.lnk = C:\Program Files\allchars\AllChars.exe O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O13 - Gopher Prefix: O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/...b?1152024248609 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www-307.ibm.com/pc/support/access/a...ntent/AcpIR.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Unknown owner - C:\Program Files\Symantec AntiVirus\DefWatch.exe (file missing) O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program Files\Symantec AntiVirus\SavRoam.exe (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: Symantec AntiVirus - Unknown owner - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 14780 bytes
  17. erictus
    bonjour suis nouveau sur le forum j'ai plein de pubs dans firefox voici le rapport HijackThis merci pour votre aide Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:41:07, on 23/03/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\WINDOWS\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\AcroTray.exe C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Windows\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\Spamihilator\spamihilator.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Fast Launcher\fl.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\PDFCreator\PDFCreator.exe C:\Program Files\allchars\AllChars.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Apoint\Apntex.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\HijackThis\HijackThis.exe C:\Program Files\Spyware Terminator\SpywareTerminator.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [NGClient] C:\Program Files\SYMANTEC\Ghost\ngctw32.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [FastLauncher] C:\Program Files\Fast Launcher\fl.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: AllChars.exe - Raccourci.lnk = C:\Program Files\allchars\AllChars.exe O4 - Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe O13 - Gopher Prefix: O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://update.microsoft.com/windowsupdate/...b?1152024248609 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab O16 - DPF: {76E5AF9D-2B3E-4FEB-A31F-A9E63A27FA29} (IASRunner Class) - https://www-307.ibm.com/pc/support/access/a...ntent/AcpIR.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Unknown owner - C:\Program Files\Symantec AntiVirus\DefWatch.exe (file missing) O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Symantec Ghost Client Agent (NGClient) - Symantec Corporation - C:\Program Files\SYMANTEC\Ghost\NGCTW32.EXE O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: SAVRoam (SavRoam) - Unknown owner - C:\Program Files\Symantec AntiVirus\SavRoam.exe (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: Symantec AntiVirus - Unknown owner - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 15604 bytes
×
×
  • Créer...