

Everything posted by pamposh
IE home page with the title fusion|ace entreprises
pamposh replied to a topic by pamposh in Analyses et éradication malwares
The big clean-up has begun, and here is the HijackThis log from one of the PCs, which is also showing us Internet Exploiter. On top of that, there is a ***ain message that appears at startup about a nonexistent file. When I first saw it, "our dear and beloved engineer" told me it was not serious and that nothing could be done about it, but now I think HijackThis might be able to sort it out for me if I tick the F3 box.

If you come across anything fishy in it, let me know, because I have a feeling that "our dear and beloved engineer" is hiding things from us on this PC. Sorry to take advantage of your talents, but it is an incomparable help to me...

IE home page with the title fusion|ace entreprises
pamposh replied to a topic by pamposh in Analyses et éradication malwares
Hello,

Well, it smells like a big spring clean for the PCs... The patient is doing well and seems to have recovered. So I took a look at the 4 others; I rarely use them, and even less with IE, but rather with Firefox... Essential here given the connection speed we have.

I followed the same procedure as for our survivor, and another PC was showing acute signs of delirium. IE was opening with Internet Exploiter as its title; that's a good one, isn't it? I am sure I would not have noticed it... I would gladly have opted for other websearchers, but the customers would be completely lost; I have Safari on 2 machines, and it is never used. Apart from IE, nothing else exists for them. That closes my aside on my customers' very basic use of a PC.

I worked overtime yesterday and today to get Antivir downloaded onto as many machines as possible. 3 PCs now have it. I still have to look for the tomb of your defunct forum to see what is available in the way of a nice, effective firewall.

Once again, thank you very much; you have made my task considerably easier and my customers happier to have a working PC again... THANK YOU

IE home page with the title fusion|ace entreprises
pamposh replied to a topic by pamposh in Analyses et éradication malwares
Hello,

Thank you very much for your valuable advice. I am sorry to reply so late, but the connection speed here is rather unpredictable and the cybercafe very popular, so I could not manage to download Antivir. That is now done. Here is the log:

As for the short list of essential tools:
1 antivirus: I now have 2 PCs equipped with Antivir and the 3 others are still on Avast (as is my personal laptop)
1 firewall: for the moment all the PCs are on the Windows firewall (is that enough???)
1 antimalware/spyware: all the PCs have MBAM. I have also downloaded Spybot Search&Destroy.

Is that enough to have as few problems as possible?? I am going to look more closely at the links you passed on in your post (USBFIX, protecting your PC for free, etc...).

IE home page with the title fusion|ace entreprises
pamposh replied to a topic by pamposh in Analyses et éradication malwares
It is true that I am not hugely satisfied with Avast. Over the past few weeks I have picked up quite a few not very nice things, but without complications.

To sum up my life in a few words, I am an expatriate in India, where I have been running a cyber cafe for 2 years, and here, despite the (so-called) level in IT, the professionals I have met have only ever done Indian-style makeshift repairs for me... So I have 5 PCs to manage, plus my laptop.

I hesitated for a long time between Avast, AVG and Antivir, but now I am going to opt for Antivir, which seems more effective these days, from what I have read here and there.

In any case, thank you for the advice. I am afraid of asking too much, but in your opinion what would be the essentials to have on the PCs to cope in case of a problem... I am always glad to get this kind of tip.

IE home page with the title fusion|ace entreprises
pamposh replied to a topic by pamposh in Analyses et éradication malwares
Following the scan and the HijackThis log I have just sent in my first post, I tried one last fix of this ****ing "R1 HKCU fusion|ace" etc... I immediately opened IE, and what a surprise: first, it was faster, and second, fusion|ace entreprise... has disappeared. Hallelujah, at last; I am staying vigilant. Thank you Apollo

IE home page with the title fusion|ace entreprises
pamposh replied to a topic by pamposh in Analyses et éradication malwares
Hello,

Thank you Apollo for the advice. I followed everything to the letter, but still nothing has changed as regards the IE home page. MBAM detected nothing. Back to square one. As requested, here are the MBAM log after the long scan and the HijackThis log I have just made. The same "R1 HKCU\software\microsoft\intrnet Explorer\main,window title fusion|ace entreprises-internet explorer" still appears. If you have any other advice, I will gladly take it...

IE home page with the title fusion|ace entreprises
pamposh posted a topic in Analyses et éradication malwares
Hello from the other side of the world,

I am new to this forum, so I hope I am posting in the right section, and I am sorry, I could not take the time to read all the topics and posts to see whether the answer to my serious problem was already there...

For the past few days, the IE home page has been opening with the title fusion|Ace-Entreprises Internet Explorer, and it crashes regularly. I used HijackThis, spotted in the log what looked wrong and tried to fix it, but fusion|ace always takes over again. Maybe I am not doing the right steps...

Thank you for helping me out.

Here is the log I got with HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:06:16 PM, on 3/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Fusion|Ace Enterprises-Internet Explorer
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\CleanVirus.vbs
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
-- End of file - 6465 bytes