Aller au contenu

marcod

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    21

  • Inscription

  • Dernière visite

Profile Information

  • Sexe
    Male
  • Localisation
    baie-comeau (québec)

Autres informations

  • Mes langues
    francais

marcod's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. marcod
    BONJOUR FALKRA VOICI LES INFO DEMANDER MERCI BREAUCOUP Logfile of random's system information tool 1.06 (written by random/random) Run by marco at 2009-11-02 21:13:24 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 88 GB (67%) free of 131 GB Total RAM: 991 MB (45% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:14:44, on 2009-11-02 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\iolo\common\lib\ioloServiceManager.exe C:\Program Files\TELUS\Agent de service\TQAS.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Bin\SanaAgent.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\iolo\System Mechanic\SMTrayNotify.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAwareR.exe C:\Program Files\TELUS\Trousse SecurWeb\RPS.exe C:\Program Files\TELUS\Agent de service\TQASComHandler.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\marco\Mes documents\RSIT.exe C:\Program Files\trend micro\marco.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\TELUS\Trousse SecurWeb\pkR.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [TQAS.exe] "C:\Program Files\TELUS\Agent de service\TQAS.exe" /AUTORUN O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Monopoly\Images\armhelper.ocx O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Google Update (gupdate1c9bfcbe60925b5) (gupdate1c9bfcbe60925b5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Trousse SécurWeb (Radialpoint Security Services) - TELUS Québec - C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAwareR.exe O23 - Service: Trousse SécurWeb SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Bin\SanaAgent.exe O23 - Service: Trousse SécurWeb Coupe-feu (RP_FWS) - TELUS Québec - C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 7295 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\A8F5066D918ABCAD.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\NSSstub.job C:\WINDOWS\tasks\User_Feed_Synchronization-{0CCD0638-E44B-4CBD-8E3D-1B07E8940BA1}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C060EA2-E6A9-4E49-A530-D4657B8C449A}] PopKill Class - C:\Program Files\TELUS\Trousse SecurWeb\pkR.dll [2009-06-02 55536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-20 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-22 762864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-20 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-20 256112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "TQAS.exe"=C:\Program Files\TELUS\Agent de service\TQAS.exe [2009-05-12 2303216] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-20 39408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3] C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2009-08-09 190024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe"="C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\French\setup.exe:*:Enabled:Programme d'installation de Kaspersky Internet Security 7.0" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager" "C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe" "C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe" "C:\Nexon\Combat Arms\NMService.exe"="C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe" "C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bc27a71-bd94-11de-a024-004063c711c9}] shell\Auto\command - H:\autorunx.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorunx.exe ======List of files/folders created in the last 1 months====== 2009-11-02 21:13:25 ----D---- C:\Program Files\trend micro 2009-11-02 21:13:24 ----D---- C:\rsit 2009-10-20 11:50:23 ----D---- C:\Documents and Settings\All Users\Application Data\Google 2009-10-20 11:47:23 ----D---- C:\Program Files\NOS 2009-10-20 11:47:23 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2009-10-12 20:16:04 ----A---- C:\WINDOWS\system32\Incinerator.dll 2009-10-12 20:16:04 ----A---- C:\WINDOWS\system32\IncContxMenu.dll 2009-10-12 20:15:59 ----A---- C:\WINDOWS\system32\smrgdf.exe 2009-10-12 20:15:59 ----A---- C:\WINDOWS\system32\iolobtdfg.exe 2009-10-12 20:15:55 ----D---- C:\Program Files\iolo 2009-10-12 20:14:32 ----A---- C:\WINDOWS\system32\mfc45.dll 2009-10-12 20:14:26 ----D---- C:\Documents and Settings\marco\Application Data\iolo 2009-10-12 20:14:26 ----D---- C:\Documents and Settings\All Users\Application Data\iolo ======List of files/folders modified in the last 1 months====== 2009-11-02 21:13:25 ----RD---- C:\Program Files 2009-11-02 20:58:40 ----D---- C:\WINDOWS\system32\CatRoot2 2009-11-02 20:46:48 ----D---- C:\WINDOWS\Temp 2009-11-02 18:31:40 ----D---- C:\WINDOWS\Prefetch 2009-11-01 23:29:15 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-11-01 23:18:18 ----A---- C:\WINDOWS\WORDPAD.INI 2009-10-31 16:00:52 ----A---- C:\WINDOWS\wininit.ini 2009-10-31 15:51:02 ----D---- C:\WINDOWS\system32 2009-10-30 22:33:01 ----SHD---- C:\Config.Msi 2009-10-30 22:20:50 ----D---- C:\WINDOWS 2009-10-30 15:09:39 ----D---- C:\Documents and Settings\marco\Application Data\LimeWire 2009-10-30 05:42:02 ----SHD---- C:\WINDOWS\Installer 2009-10-30 00:33:26 ----D---- C:\WINDOWS\system32\config 2009-10-26 11:26:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-10-24 15:29:56 ----SHD---- C:\RECYCLER 2009-10-20 11:50:22 ----D---- C:\Program Files\Google 2009-10-20 11:47:46 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-10-13 21:29:24 ----A---- C:\WINDOWS\system32\PnkBstrA.exe 2009-10-12 20:57:55 ----RD---- C:\WINDOWS\Offline Web Pages 2009-10-12 20:57:55 ----D---- C:\WINDOWS\CSC 2009-10-12 20:57:51 ----D---- C:\Documents and Settings\marco\Application Data\DNA 2009-10-12 20:57:42 ----SHD---- C:\found.000 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 KLIF;KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [2009-04-03 179984] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [] R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-18 3279] R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2008-08-28 71184] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R2 RPSKT;Security Services Driver (x86); C:\WINDOWS\system32\DRIVERS\rp_skt32.sys [2008-11-26 53192] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] R3 RadialpointSafeConnectDriver;RadialpointSafeConnectDriver; \??\C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Driver\platform_XP\SafeConnectDriver.sys [] R3 RadialpointSafeConnectFilter;RadialpointSafeConnectFilter; \??\C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Driver\platform_XP\SafeConnectFilter.sys [] R3 RadialpointSafeConnectShim;RadialpointSafeConnectShim; \??\C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Driver\platform_XP\SafeConnectShim.sys [] R3 RPPKT;Radialpoint Filter (x86); C:\WINDOWS\system32\DRIVERS\rp_pkt32.sys [2008-08-06 48384] R3 S3SavageNB;S3SavageNB; C:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2004-08-03 166912] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2002-07-24 59264] S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [] S2 npkcrypt;npkcrypt; \??\C:\Nexon\MapleStory\npkcrypt.sys [] S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-03 701440] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys [] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-03-02 47360] S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 V0080Dev;Creative Camera VF0080 Driver; C:\WINDOWS\system32\DRIVERS\V0080Dev.sys [2004-10-09 503507] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-03 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2009-10-20 659376] R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2009-10-20 659376] R2 PD91Agent;PD91Agent; C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-09-22 693512] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-10-13 66872] R2 RadialpointSafeConnectAgent;Trousse SécurWeb SafeConnectAgent; C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Bin\SanaAgent.exe [2008-11-14 4937752] R2 RP_FWS;Trousse SécurWeb Coupe-feu; C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe [2009-06-02 371440] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872] R3 PD91Engine;PD91Engine; C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-09-22 910600] R3 Radialpoint Security Services;Trousse SécurWeb; C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAwareR.exe [2009-06-02 170736] S2 gupdate1c9bfcbe60925b5;Service Google Update (gupdate1c9bfcbe60925b5); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-17 133104] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864] S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-20 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376] S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2005-01-24 69632] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880] -----------------EOF-----------------
  2. marcod
    bonjour falkra voici le rapportrsit info om's system information tool 1.06 2009-11-02 21:14:59 ======Uninstall list====== -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Agent de service TELUS 1.5.24-->"C:\Program Files\TELUS\Agent de service\unins000.exe" Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Correctif pour Windows XP (KB918997)-->"C:\WINDOWS\$NtUninstallKB918997$\spuninst\spuninst.exe" Creative WebCam Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x40c /remove Creative WebCam Live! Pro Driver (1.01.01.1011)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0080.uns -unsext NT -plugin V0080Pin.dll -pluginres V0080Pin.crl FindyKill-->C:\FindyKill\Uninstal.exe Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Icy Tower v1.3.1-->"c:\games\icytower1.3\unins000.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} iolo technologies' System Mechanic-->"C:\Program Files\iolo\System Mechanic\unins000.exe" iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Messenger Plus! 3 & Sponsor-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08} Nero - Burning Rom (Web installer)-->C:\WINDOWS\UNNERO.exe /UNINSTALL neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Network Stumbler 0.4.0 (remove only)-->"C:\Program Files\Network Stumbler\uninst.exe" OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14} PerfectDisk 2008-->MsiExec.exe /I{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613} QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F} Rhapsody Player Engine-->MsiExec.exe /I{8A62A068-3FD6-495A-9F66-26FE94F32EC9} RPS Burn-->MsiExec.exe /I{042B2CA5-C1D3-4EE4-9BB1-098CFCA1150B} RPS CRT-->MsiExec.exe /I{47225399-2FB8-495D-B201-2AA5BFD24EA9} RPS Diagnostic Utility-->MsiExec.exe /I{E7C5FF42-81CA-4B4E-81E3-B114FE4CD407} RPS Firewall-->MsiExec.exe /I{6FCD7623-649E-42FB-8CCE-BC8743457508} RPS Ksdk-->MsiExec.exe /I{F815B833-2ABF-4C03-BB99-53C2B3224486} RPS ParentalControl-->MsiExec.exe /I{DB39FFFC-7785-4395-98D0-062AF0781A17} RPS PerfectDiskStub-->MsiExec.exe /I{7FE9B563-CB0F-4566-A0DA-F342A6B513A6} RPS PopupBlocker-->MsiExec.exe /I{4997CF7A-DD8F-431F-A7A2-337882822D1D} RPS RpsCore-->MsiExec.exe /I{FE8F0104-AD66-474B-A3E4-702DC456CA6F} RPS SafeConnect-->MsiExec.exe /I{61517010-5427-4145-B28D-EB4C5CDF3E6E} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SonicStage 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Super Mario World-->"C:\Program Files\Super Mario World\unins000.exe" SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} Trousse SécurWeb-->"C:\Program Files\InstallShield Installation Information\{BEE742D4-7762-4CD2-BF0D-9A57620F320D}\setup.exe" -runfromtemp -l0x040c -removeonly VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu" Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG Web Update Wizard Version 3.00-->"C:\WINDOWS\unins000.exe" Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD} ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Trousse SécurWeb Antivirus FW: Trousse SécurWeb Coupe-feu ======System event log====== Computer Name: MARCO-39C375154 Event Code: 7036 Message: Le service PD91Engine est entré dans l'état : en cours d'exécution. Record Number: 55104 Source Name: Service Control Manager Time Written: 20090909100810.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP. Record Number: 55103 Source Name: Service Control Manager Time Written: 20090909100809.000000-240 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: MARCO-39C375154 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant. Record Number: 55102 Source Name: Service Control Manager Time Written: 20090909100809.000000-240 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: MARCO-39C375154 Event Code: 7036 Message: Le service Téléphonie est entré dans l'état : en cours d'exécution. Record Number: 55101 Source Name: Service Control Manager Time Written: 20090909100809.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 7036 Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution. Record Number: 55100 Source Name: Service Control Manager Time Written: 20090909100808.000000-240 Event Type: Informations User: =====Application event log===== Computer Name: MARCO-39C375154 Event Code: 0 Message: Record Number: 5 Source Name: gupdate1c9bfcbe60925b5 Time Written: 20091007220115.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 4 Source Name: SecurityCenter Time Written: 20091007220049.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 0 Message: Record Number: 3 Source Name: SeaPort Time Written: 20091007220046.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 0 Message: Service started Record Number: 2 Source Name: PD91Agent Time Written: 20091007220044.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 0 Message: Record Number: 1 Source Name: gupdate1c9bfcbe60925b5 Time Written: 20091007220039.000000-240 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0103 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF----------------- merci beaucoup
  3. marcod
    bonjour falkra voici le rapportrsit info om's system information tool 1.06 2009-11-02 21:14:59 ======Uninstall list====== -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Agent de service TELUS 1.5.24-->"C:\Program Files\TELUS\Agent de service\unins000.exe" Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Correctif pour Windows XP (KB918997)-->"C:\WINDOWS\$NtUninstallKB918997$\spuninst\spuninst.exe" Creative WebCam Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{363435F2-7426-11D8-9966-00A0C9663221}\setup.exe" -l0x40c /remove Creative WebCam Live! Pro Driver (1.01.01.1011)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script VF0080.uns -unsext NT -plugin V0080Pin.dll -pluginres V0080Pin.crl FindyKill-->C:\FindyKill\Uninstal.exe Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Icy Tower v1.3.1-->"c:\games\icytower1.3\unins000.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} iolo technologies' System Mechanic-->"C:\Program Files\iolo\System Mechanic\unins000.exe" iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Messenger Plus! 3 & Sponsor-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08} Nero - Burning Rom (Web installer)-->C:\WINDOWS\UNNERO.exe /UNINSTALL neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Network Stumbler 0.4.0 (remove only)-->"C:\Program Files\Network Stumbler\uninst.exe" OpenOffice.org 2.4-->MsiExec.exe /I{A122962F-331A-4C2E-93DB-AD92D8A4FB14} PerfectDisk 2008-->MsiExec.exe /I{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613} QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F} Rhapsody Player Engine-->MsiExec.exe /I{8A62A068-3FD6-495A-9F66-26FE94F32EC9} RPS Burn-->MsiExec.exe /I{042B2CA5-C1D3-4EE4-9BB1-098CFCA1150B} RPS CRT-->MsiExec.exe /I{47225399-2FB8-495D-B201-2AA5BFD24EA9} RPS Diagnostic Utility-->MsiExec.exe /I{E7C5FF42-81CA-4B4E-81E3-B114FE4CD407} RPS Firewall-->MsiExec.exe /I{6FCD7623-649E-42FB-8CCE-BC8743457508} RPS Ksdk-->MsiExec.exe /I{F815B833-2ABF-4C03-BB99-53C2B3224486} RPS ParentalControl-->MsiExec.exe /I{DB39FFFC-7785-4395-98D0-062AF0781A17} RPS PerfectDiskStub-->MsiExec.exe /I{7FE9B563-CB0F-4566-A0DA-F342A6B513A6} RPS PopupBlocker-->MsiExec.exe /I{4997CF7A-DD8F-431F-A7A2-337882822D1D} RPS RpsCore-->MsiExec.exe /I{FE8F0104-AD66-474B-A3E4-702DC456CA6F} RPS SafeConnect-->MsiExec.exe /I{61517010-5427-4145-B28D-EB4C5CDF3E6E} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SonicStage 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Super Mario World-->"C:\Program Files\Super Mario World\unins000.exe" SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} Trousse SécurWeb-->"C:\Program Files\InstallShield Installation Information\{BEE742D4-7762-4CD2-BF0D-9A57620F320D}\setup.exe" -runfromtemp -l0x040c -removeonly VIA Audio Driver Setup Program-->RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -f"C:\PROGRA~1\VIATEC~1\VIAAUD~1/Uninst.isu" Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG Web Update Wizard Version 3.00-->"C:\WINDOWS\unins000.exe" Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD} ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Trousse SécurWeb Antivirus FW: Trousse SécurWeb Coupe-feu ======System event log====== Computer Name: MARCO-39C375154 Event Code: 7036 Message: Le service PD91Engine est entré dans l'état : en cours d'exécution. Record Number: 55104 Source Name: Service Control Manager Time Written: 20090909100810.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP. Record Number: 55103 Source Name: Service Control Manager Time Written: 20090909100809.000000-240 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: MARCO-39C375154 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant. Record Number: 55102 Source Name: Service Control Manager Time Written: 20090909100809.000000-240 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: MARCO-39C375154 Event Code: 7036 Message: Le service Téléphonie est entré dans l'état : en cours d'exécution. Record Number: 55101 Source Name: Service Control Manager Time Written: 20090909100809.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 7036 Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution. Record Number: 55100 Source Name: Service Control Manager Time Written: 20090909100808.000000-240 Event Type: Informations User: =====Application event log===== Computer Name: MARCO-39C375154 Event Code: 0 Message: Record Number: 5 Source Name: gupdate1c9bfcbe60925b5 Time Written: 20091007220115.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 4 Source Name: SecurityCenter Time Written: 20091007220049.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 0 Message: Record Number: 3 Source Name: SeaPort Time Written: 20091007220046.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 0 Message: Service started Record Number: 2 Source Name: PD91Agent Time Written: 20091007220044.000000-240 Event Type: Informations User: Computer Name: MARCO-39C375154 Event Code: 0 Message: Record Number: 1 Source Name: gupdate1c9bfcbe60925b5 Time Written: 20091007220039.000000-240 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Smart Projects\IsoBuster "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 1 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0103 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip -----------------EOF-----------------
  4. marcod
    bonjour falkra j'ai suivi ton conseil j'ai insaller malwarabytes et il na rien trouver lorsque je ouvre internet explorrer 1 a 2 minute avant que un message me dise un programme de votre ordinateur a corrompu le parametre de votre moteur de recherche par default internet explorer a reinitialiser le parametre de votre moteur de recherche d'origine www google.com et il prend toujour un temps énorme a effetuer son travail pour voyger d'un programma a un autre merci bonne journéé
  5. marcod
    bonjour falkra j'ai deja essayer la désinfection mais aucun succes que faire merci
  6. marcod
  7. marcod
    bonjour a vous tous j'ai un probleme de lenteur pas seulement sur internet mais généraliser et aussi lors de l'ouverture de internet mon moteur de recherche et google mais il y a un message qui apparais qui me dit que un programme a changer mon moteur de recherche voici mon hijack this, merci de prendre le temps de trouver la solution a mon problemeLogfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:11:53, on 2009-09-16 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Bin\SanaAgent.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\TELUS\Agent de service\TQAS.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\TELUS\Trousse SecurWeb\RPS.exe C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAwareR.exe C:\Program Files\TELUS\Agent de service\TQASComHandler.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\TELUS\Trousse SecurWeb\pkR.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [TQAS.exe] "C:\Program Files\TELUS\Agent de service\TQAS.exe" /AUTORUN O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'marie-eve') O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'marie-eve') O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'marie-eve') O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'marie-eve') O4 - S-1-5-21-602162358-854245398-1060284298-1004 Startup: OpenOffice.org 2.4.lnk.disabled (User 'marie-eve') O4 - S-1-5-21-602162358-854245398-1060284298-1004 User Startup: OpenOffice.org 2.4.lnk.disabled (User 'marie-eve') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Monopoly\Images\armhelper.ocx O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Google Update (gupdate1c9bfcbe60925b5) (gupdate1c9bfcbe60925b5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: npkcmsvc - Unknown owner - C:\Nexon\MapleStory\npkcmsvc.exe (file missing) O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Trousse SécurWeb (Radialpoint Security Services) - TELUS Québec - C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAwareR.exe O23 - Service: Trousse SécurWeb SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Bin\SanaAgent.exe O23 - Service: Trousse SécurWeb Coupe-feu (RP_FWS) - TELUS Québec - C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 6861 bytes
  8. marcod
    voici le rapport hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:47:13, on 2009-08-11 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Bin\SanaAgent.exe C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe C:\WINDOWS\Explorer.EXE C:\Program Files\TELUS\Trousse SecurWeb\rps.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAwareR.exe C:\Program Files\TELUS\Agent de service\TQASComHandler.exe C:\Program Files\TELUS\Agent de service\TQAS.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\TELUS\Trousse SecurWeb\pkR.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [TQAS.exe] "C:\Program Files\TELUS\Agent de service\TQAS.exe" /AUTORUN O4 - HKLM\..\RunOnce: [indexCleaner] "C:\Program Files\TELUS\Trousse SecurWeb\IdxClnR.exe" O4 - HKLM\..\RunOnce: [uninstall Adobe Download Manager] "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1noarp O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\RunOnce: [indexCleaner] "C:\Program Files\TELUS\Trousse SecurWeb\IdxClnR.exe" O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Monopoly\Images\armhelper.ocx O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Service Google Update (gupdate1c9bfcbe60925b5) (gupdate1c9bfcbe60925b5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: npkcmsvc - Unknown owner - C:\Nexon\MapleStory\npkcmsvc.exe (file missing) O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Trousse SécurWeb (Radialpoint Security Services) - TELUS Québec - C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAwareR.exe O23 - Service: Trousse SécurWeb SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\TELUS\Trousse SecurWeb\SafeConnect\Bin\SanaAgent.exe O23 - Service: Trousse SécurWeb Coupe-feu (RP_FWS) - TELUS Québec - C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 8084 bytes merci
  9. marcod
    bonjour a vous tous j'ai un probleme de lenteur sur internet et mon moteur de recherche me dit qui il y un programme qui roule derriere et qui change ma page de demarrage merci a votre équipe
  10. marcod

    PC RALENTI

    marcod a répondu à un(e) sujet de marcod dans Analyses et éradication malwares

    Merci pour les trucs et bonne journée
  11. marcod

    PC RALENTI

    marcod a répondu à un(e) sujet de marcod dans Analyses et éradication malwares

  12. marcod

    PC RALENTI

    marcod a répondu à un(e) sujet de marcod dans Analyses et éradication malwares

    Bonjour apollo J'ai fait ce que tu ma demander cocher dans Hijackthis les lignes demander et puis j'ai installer mbam je t'envoie mon Hijackthis apres mon reeboot ca ,ma l'air correct merci bonne journée Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:44:01, on 2009-04-24 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\TELUS\Service Agent\TQSWA.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\TELUS\Trousse SecurWeb\rpsupdaterR.exe C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAware.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\TELUS\Service Agent\TQSWAComHandler.exe C:\Program Files\TELUS\Trousse SecurWeb\RPS.exe C:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\TELUS\Trousse SecurWeb\pkR.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O4 - HKLM\..\Run: [TQSWA.exe] "C:\Program Files\TELUS\Service Agent\TQSWA.exe" /AUTORUN O4 - HKLM\..\Run: [Trousse SécurWeb] "C:\Program Files\TELUS\Trousse SecurWeb\Rps.exe" O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\TELUS\Trousse SecurWeb\ZkRunOnceR.exe" O4 - HKLM\..\RunOnce: [indexCleaner] "C:\Program Files\TELUS\Trousse SecurWeb\IdxClnR.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [QUAD Scheduler] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe O4 - HKCU\..\RunOnce: [indexCleaner] "C:\Program Files\TELUS\Trousse SecurWeb\IdxClnR.exe" O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'marie-eve') O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'marie-eve') O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" (User 'marie-eve') O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'marie-eve') O4 - HKUS\S-1-5-21-602162358-854245398-1060284298-1004\..\RunOnce: [indexCleaner] "C:\Program Files\TELUS\Trousse SecurWeb\IdxClnR.exe" (User 'marie-eve') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Monopoly\Images\armhelper.ocx O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe O23 - Service: Service Google Update (gupdate1c9bfcbe60925b5) (gupdate1c9bfcbe60925b5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe O23 - Service: npkcmsvc - Unknown owner - C:\Nexon\MapleStory\npkcmsvc.exe (file missing) O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Trousse SécurWeb (Radialpoint Security Services) - Radialpoint Inc. - C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAware.exe O23 - Service: Trousse SécurWeb - Service de mise à jour (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\TELUS\Trousse SecurWeb\rpsupdaterR.exe O23 - Service: Trousse SécurWeb Coupe-feu (RP_FWS) - TELUS - C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 7216 bytes
  13. marcod

    PC RALENTI

    marcod a répondu à un(e) sujet de marcod dans Analyses et éradication malwares

    EN PASSANT MERCI BEAUCOUP DE PRENDRE DE TON TEMPS POUR POUVOIR M' AIDER DANS MA DÉMARCHE DE ESSAYER DE REMETTRE MON PC EN MARCHE
  14. marcod

    PC RALENTI

    marcod a répondu à un(e) sujet de marcod dans Analyses et éradication malwares

    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:27:22, on 2009-04-19 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\TELUS\Service Agent\TQSWA.exe C:\Program Files\TELUS\Trousse SecurWeb\Rps.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\Program Files\TELUS\Service Agent\TQSWAComHandler.exe C:\Program Files\TELUS\Trousse SecurWeb\rpsupdaterR.exe C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAware.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\TELUS\Trousse SecurWeb\pkR.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: (no name) - {f592709f-ff4a-4862-b659-4afabda56312} - (no file) O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TQSWA.exe] "C:\Program Files\TELUS\Service Agent\TQSWA.exe" /AUTORUN O4 - HKLM\..\Run: [Trousse SécurWeb] "C:\Program Files\TELUS\Trousse SecurWeb\Rps.exe" O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\TELUS\Trousse SecurWeb\ZkRunOnceR.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Pjojetuwefokibof] rundll32.exe "C:\WINDOWS\iravagifobawutil.dll",e O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [indexCleaner] "C:\Program Files\TELUS\Trousse SecurWeb\IdxClnR.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [QUAD Windows service] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe -h O4 - HKCU\..\Run: [QUAD Scheduler] C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe O4 - HKCU\..\RunOnce: [indexCleaner] "C:\Program Files\TELUS\Trousse SecurWeb\IdxClnR.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file://C:\Program Files\Monopoly\Images\stg_drm.ocx O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} (Java Plug-in 1.6.0_04) - O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Monopoly\Images\armhelper.ocx O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Fichiers communs\Authentium\AntiVirus\dvpapi.exe O23 - Service: Service Google Update (gupdate1c9bfcbe60925b5) (gupdate1c9bfcbe60925b5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe O23 - Service: npkcmsvc - Unknown owner - C:\Nexon\MapleStory\npkcmsvc.exe (file missing) O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Trousse SécurWeb (Radialpoint Security Services) - Radialpoint Inc. - C:\Program Files\TELUS\Trousse SecurWeb\RpsSecurityAware.exe O23 - Service: Trousse SécurWeb - Service de mise à jour (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\TELUS\Trousse SecurWeb\rpsupdaterR.exe O23 - Service: Trousse SécurWeb Coupe-feu (RP_FWS) - TELUS - C:\Program Files\TELUS\Trousse SecurWeb\Fws.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe -- End of file - 8246 bytes
  15. marcod
    internet prend beaucoup de temps pour ouvrir
×
×
  • Créer...