Aller au contenu

Jds17

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    12

  • Inscription

  • Dernière visite

Jds17's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Jds17
    Merci encore de ta gentillesse, de ton efficacité, et de la rapidité de tes réponses !!!! Continue comme ça ! :P
  2. Jds17
    Bah là je n'ai aucun problème donc je pense qu'il n'y a plus rien. Aucun message d'erreur, rien. Youpi quoi ! ^^ Merci merci !!!
  3. Jds17
    Voilà ! ############################## | Usbfix 7.004 | [suppression] Utilisateur: Jds (Administrateur) # PC-DE-JDS [sAMSUNG ELECTRONICS CO., LTD. R610] Mis à jour le 04/06/10 par El Desaparecido / C_XX Lancé à 21:03:36 | 05/06/2010 Site Web: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Intel® Pentium® Dual CPU T3400 @ 2.16GHz CPU 2: Intel® Pentium® Dual CPU T3400 @ 2.16GHz Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-Bit) # Service Pack 1 Internet Explorer 7.0.6001.18000 Pare-feu Windows: Désactivé /!\ RAM -> 3066 Mo C:\ (%systemdrive%) -> Disque fixe # 144 Go (85 Go libre(s) - 59%) [] # NTFS D:\ -> Disque fixe # 144 Go (144 Go libre(s) - 100%) [] # NTFS E:\ -> CD-ROM F:\ -> Disque amovible # 248 Mo (211 Mo libre(s) - 85%) [] # FAT G:\ -> Disque amovible # 2 Go (1 Go libre(s) - 60%) [] # FAT H:\ -> Disque amovible # 6 Mo (2 Mo libre(s) - 27%) [] # FAT I:\ -> Disque amovible # 12 Mo (2 Mo libre(s) - 16%) [PMBPORTABLE] # FAT ################## | Éléments infectieux | Non supprimé ! E:\Autorun.inf Supprimé! I:\Autorun.inf Non supprimé ! C:\$Recycle.Bin\S-1-5-21-2118851456-106252433-1877113301-1003 Non supprimé ! C:\$Recycle.Bin\S-1-5-21-2118851456-106252433-1877113301-500 Non supprimé ! C:\$Recycle.Bin\S-1-5-21-301917559-2911944848-2338431748-500 Non supprimé ! D:\$Recycle.Bin\S-1-5-21-2118851456-106252433-1877113301-1003 ################## | Registre | ################## | Mountpoints2 | ################## | Listing | [22/03/2009 - 15:41:36 | SHD ] C:\$Recycle.Bin [05/06/2010 - 00:59:32 | D ] C:\Ad-Remover [05/06/2010 - 00:59:46 | A | 5672] C:\Ad-Report-CLEAN[1].txt [05/06/2010 - 00:55:08 | A | 5352] C:\Ad-Report-SCAN[1].txt [18/09/2006 - 23:43:36 | A | 24] C:\autoexec.bat [05/06/2010 - 21:00:48 | RASHD ] C:\Autorun.inf [08/02/2008 - 11:31:20 | SHD ] C:\Boot [21/01/2008 - 04:24:42 | RASH | 333203] C:\bootmgr [08/02/2008 - 11:31:21 | RAS | 8192] C:\BOOTSECT.BAK [18/09/2006 - 23:43:37 | A | 10] C:\config.sys [02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings [05/06/2010 - 20:44:57 | ASH | 3215572992] C:\hiberfil.sys [08/09/2008 - 04:02:30 | D ] C:\Intel [15/01/2009 - 07:41:16 | RASH | 0] C:\IO.SYS [08/09/2008 - 04:08:19 | RA | 352] C:\Marvell0.log [15/01/2009 - 07:41:16 | RASH | 0] C:\MSDOS.SYS [08/09/2008 - 04:24:10 | RHD ] C:\MSOCache [28/07/2009 - 18:09:47 | D ] C:\NVIDIA [05/06/2010 - 20:44:56 | ASH | 3529375744] C:\pagefile.sys [21/01/2008 - 04:32:31 | D ] C:\PerfLogs [05/06/2010 - 03:41:49 | RD ] C:\Program Files [05/06/2010 - 01:24:52 | HD ] C:\ProgramData [08/09/2008 - 04:07:17 | A | 366] C:\RHDSetup.log [22/03/2009 - 15:40:10 | A | 86] C:\Setup.log [05/06/2010 - 03:00:40 | SHD ] C:\System Volume Information [05/06/2010 - 04:06:12 | A | 93056] C:\ugtdapob.sys [05/06/2010 - 21:03:50 | D ] C:\UsbFix [05/06/2010 - 21:05:10 | A | 2932] C:\Usbfix.txt [05/06/2010 - 21:00:50 | A | 5874] C:\UsbFix_Upload_Me_PC-DE-JDS.zip [22/03/2009 - 15:39:19 | RD ] C:\Users [05/06/2010 - 20:45:45 | D ] C:\Windows [05/06/2010 - 03:49:35 | D ] C:\_OTM [22/03/2009 - 15:57:52 | SHD ] D:\$RECYCLE.BIN [05/06/2010 - 21:00:48 | RASHD ] D:\Autorun.inf [07/11/2007 - 09:00:40 | A | 17734] D:\eula.1028.txt [07/11/2007 - 09:00:40 | A | 17734] D:\eula.1031.txt [07/11/2007 - 09:00:40 | A | 10134] D:\eula.1033.txt [07/11/2007 - 09:00:40 | A | 17734] D:\eula.1036.txt [07/11/2007 - 09:00:40 | A | 17734] D:\eula.1040.txt [07/11/2007 - 09:00:40 | A | 118] D:\eula.1041.txt [07/11/2007 - 09:00:40 | A | 17734] D:\eula.1042.txt [07/11/2007 - 09:00:40 | A | 17734] D:\eula.2052.txt [07/11/2007 - 09:00:40 | A | 17734] D:\eula.3082.txt [07/11/2007 - 09:00:40 | A | 1110] D:\globdata.ini [07/11/2007 - 09:03:18 | A | 562688] D:\install.exe [07/11/2007 - 09:00:40 | A | 843] D:\install.ini [07/11/2007 - 09:03:18 | A | 76304] D:\install.res.1028.dll [07/11/2007 - 09:03:18 | A | 96272] D:\install.res.1031.dll [07/11/2007 - 09:03:18 | A | 91152] D:\install.res.1033.dll [07/11/2007 - 09:03:18 | A | 97296] D:\install.res.1036.dll [07/11/2007 - 09:03:18 | A | 95248] D:\install.res.1040.dll [07/11/2007 - 09:03:18 | A | 81424] D:\install.res.1041.dll [07/11/2007 - 09:03:18 | A | 79888] D:\install.res.1042.dll [07/11/2007 - 09:03:18 | A | 75792] D:\install.res.2052.dll [07/11/2007 - 09:03:18 | A | 96272] D:\install.res.3082.dll [22/03/2009 - 15:57:22 | SHD ] D:\System Volume Information [07/11/2007 - 09:00:40 | A | 5686] D:\vcredist.bmp [07/11/2007 - 09:09:22 | A | 1442522] D:\VC_RED.cab [07/11/2007 - 09:12:28 | A | 232960] D:\VC_RED.MSI [29/05/2009 - 14:26:06 | D ] E:\Acrobat [05/05/2008 - 17:59:37 | R | 55] E:\Autorun.inf [29/05/2009 - 14:25:58 | D ] E:\DirectX [29/05/2009 - 14:25:59 | D ] E:\dotnet [29/05/2009 - 14:26:05 | D ] E:\Firewall [29/05/2009 - 14:25:58 | D ] E:\GameCenter [29/05/2009 - 14:26:18 | R | 304472] E:\Launcher.exe [29/05/2009 - 14:25:56 | D ] E:\LauncherData [29/05/2009 - 14:29:48 | R | 880416768] E:\Setup-PCM2009-1.bin [29/05/2009 - 14:38:09 | R | 1440928] E:\Setup-PCM2009.exe [29/05/2009 - 14:31:42 | R | 881852416] E:\Setup-PCM2009-2.bin [29/05/2009 - 14:33:11 | R | 881852416] E:\Setup-PCM2009-3.bin [29/05/2009 - 14:34:50 | R | 881852416] E:\Setup-PCM2009-4.bin [29/05/2009 - 14:38:05 | R | 750790515] E:\Setup-PCM2009-5.bin [29/05/2009 - 14:25:55 | D ] E:\Specific [29/05/2009 - 14:25:59 | D ] E:\vcredist [10/05/2010 - 20:15:58 | A | 20060] F:\Bloc Opératoire.odt [13/05/2010 - 16:03:42 | A | 29321] F:\BNST00.ods [18/05/2010 - 10:56:38 | AH | 4096] F:\._.Trashes [18/05/2010 - 10:56:38 | HD ] F:\.Trashes [05/06/2010 - 21:00:50 | RASHD ] F:\Autorun.inf [18/05/2010 - 10:56:38 | HD ] F:\.Spotlight-V100 [20/05/2010 - 08:15:12 | A | 39556] F:\TMT_response.wmf [13/05/2010 - 15:58:40 | A | 3180234] F:\BNST003LESION1JDS.jpg [13/05/2010 - 16:50:08 | A | 2771789] F:\BNST003LESION2JDS.jpg [14/05/2010 - 11:05:36 | A | 3589844] F:\BNST004LESIONJDS.jpg [19/05/2010 - 17:11:58 | A | 30304] F:\TMT_response_zoom.wmf [05/05/2010 - 18:10:16 | A | 3766] F:\BNST002_05-04-10_log.txt [20/05/2010 - 11:27:32 | A | 1577] F:\BNST003_05-05-10_log.txt [10/05/2010 - 17:30:48 | A | 1755] F:\BNST004_05-07-10_log.txt [20/05/2010 - 11:30:08 | A | 3027] F:\BNST005_05-12-10_log.txt [20/05/2010 - 12:16:32 | A | 4062] F:\BNST006_05-18-10_log.txt [20/05/2010 - 13:26:46 | A | 3091] F:\BNST007_05-19-10_log.txt [20/05/2010 - 14:53:32 | A | 3673805] F:\BNST005LESIONJDS.jpg [24/05/2010 - 12:04:08 | A | 5435345] F:\BNST007LESION1-2.jpg [24/05/2010 - 11:32:54 | A | 7127938] F:\BNST006LESION1.jpg [24/05/2010 - 11:51:24 | A | 4126852] F:\BNST006LESION3.jpg [24/05/2010 - 11:36:40 | A | 6739003] F:\BNST006LESION2.jpg [27/05/2010 - 12:58:10 | A | 3245] F:\MEAC001_05-25-10_log.txt [27/05/2010 - 12:58:34 | A | 2478] F:\MEAC002_05-26-10_log.txt [01/06/2010 - 10:47:54 | A | 176601] F:\MEAC002LESION.jpg [01/06/2010 - 15:07:40 | A | 275490] F:\MEAC001LESION1.jpg [01/06/2010 - 15:10:10 | A | 151172] F:\MEAC001LESION1bis.jpg [01/06/2010 - 15:17:20 | A | 223526] F:\MEAC001LESION2and1.jpg [26/05/2010 - 05:59:30 | D ] G:\DCIM [01/01/2010 - 00:00:44 | RH | 0] H:\BLTINMEM.IND [01/01/2010 - 00:00:00 | AH | 9] H:\VOLUMEID.IND [26/05/2010 - 05:56:42 | D ] H:\DCIM [01/01/2000 - 01:14:00 | N | 137088] I:\PMBP_WIN.EXE [01/01/2010 - 00:00:00 | D ] I:\MACMODULE [22/10/2009 - 12:54:48 | D ] I:\PMBP_Mac.app [22/10/2009 - 12:54:48 | D ] I:\WINMODULE ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) I:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-JDS.zip http://chiquitine.changelog.fr/Sample/Upload.php Merci de votre contribution. ################## | E.O.F |
  4. Jds17
    Voilà c'est fait. Merci ! ############################## | Usbfix 7.004 | [Recherche] Utilisateur: Jds (Administrateur) # PC-DE-JDS [sAMSUNG ELECTRONICS CO., LTD. R610] Mis à jour le 04/06/10 par El Desaparecido / C_XX Lancé à 20:48:44 | 05/06/2010 Site Web: http://pagesperso-orange.fr/NosTools/index.html Contact: FindyKill.Contact@gmail.com CPU: Intel® Pentium® Dual CPU T3400 @ 2.16GHz CPU 2: Intel® Pentium® Dual CPU T3400 @ 2.16GHz Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-Bit) # Service Pack 1 Internet Explorer 7.0.6001.18000 Pare-feu Windows: Désactivé /!\ RAM -> 3066 Mo C:\ (%systemdrive%) -> Disque fixe # 144 Go (85 Go libre(s) - 59%) [] # NTFS D:\ -> Disque fixe # 144 Go (144 Go libre(s) - 100%) [] # NTFS E:\ -> CD-ROM F:\ -> Disque amovible # 248 Mo (211 Mo libre(s) - 85%) [] # FAT G:\ -> Disque amovible # 2 Go (1 Go libre(s) - 60%) [] # FAT H:\ -> Disque amovible # 6 Mo (2 Mo libre(s) - 27%) [] # FAT I:\ -> Disque amovible # 12 Mo (2 Mo libre(s) - 16%) [PMBPORTABLE] # FAT ################## | Éléments infectieux | Présent! E:\Autorun.inf Présent! C:\$Recycle.Bin\S-1-5-21-2118851456-106252433-1877113301-1003 Présent! C:\$Recycle.Bin\S-1-5-21-2118851456-106252433-1877113301-500 Présent! C:\$Recycle.Bin\S-1-5-21-301917559-2911944848-2338431748-500 Présent! D:\$Recycle.Bin\S-1-5-21-2118851456-106252433-1877113301-1003 ################## | Registre | ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\{d55ce255-e2d0-11dd-b33f-806e6f6e6963} Shell\AutoRun\Command = E:\Launcher.exe ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F |
  5. Jds17
    Merci encore de ton aide précieuse ! L'ordi va déjà beaucoup mieux, il n'y a plus de pages internet explorer qui s'ouvrent, plus de Anti Malware Doctor ! Par contre j'ai peut-être mon Appareil photo et mon MP3 infectés, je n'avais pas les moyens de les brancher hier. Voilà le nouveau log HiJack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:13:54, on 05/06/2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18444) Boot mode: Normal Running processes: c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe C:\Users\Jds\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- End of file - 7671 bytes
  6. Jds17
    J'ai eu du mal à faire tourner GMER Rootkit , j'ai eu 3 freezes du PC à chaque fois quelques secondes après l'éxécution du programme. Sur la dernière tentative j'ai eu le temps de faire "Save". Voilà le résultat: GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-06-05 04:24:59 Windows 6.0.6001 Service Pack 1 Running: utl8udjq.exe; Driver: C:\Users\Jds\AppData\Local\Temp\ugtdapob.sys ---- System - GMER 1.0.15 ---- Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateFile [0x8A59AC50] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateProcess [0x8A59AC7A] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8A59ACA2] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0x8A59AC64] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetContextThread [0x8A59AC3C] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetInformationProcess [0x8A59AC28] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8A59ACD1] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8A59ACB8] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0x8A59AC8E] Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtCreateFile Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection Code \SystemRoot\system32\drivers\mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetInformationProcess ---- EOF - GMER 1.0.15 ----
  7. Jds17
    Bonne nuit ! All processes killed Error: Unable to interpret <Go> in the current context! ========== FILES ========== c:\users\jds\appdata\roaming\cc0e03ffe3f92abd0952b5b9674df622\gotnewupdate000.exe moved successfully. c:\users\jds\appdata\roaming\CC0E03FFE3F92ABD0952B5B9674DF622 folder moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\gotnewupdate000.exe deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Jds ->Temp folder emptied: 33023 bytes ->Temporary Internet Files folder emptied: 995257 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 85671974 bytes ->Flash cache emptied: 1329 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1414732 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 84,00 mb OTM by OldTimer - Version 3.1.12.2 log created on 06052010_034935 Files moved on Reboot... File C:\Windows\temp\mcafee_96KYv2ousKuF3mM not found! File C:\Windows\temp\mcmsc_4mjWyyirOszTuo4 not found! File C:\Windows\temp\mcmsc_YmPDc7hqghILNNu not found! C:\Windows\temp\sqlite_5sGpuCYLb3QsL1m moved successfully. File C:\Windows\temp\sqlite_BcNK7IBQZ0tmYEN not found! File C:\Windows\temp\sqlite_BcUm2HhwT3tqdbb not found! File C:\Windows\temp\sqlite_hmDh8yw7pIGy1Bd not found! C:\Windows\temp\sqlite_ReE8DFOuomEkKJC moved successfully. C:\Windows\temp\sqlite_t345EZyE9p8YX85 moved successfully. File C:\Windows\temp\sqlite_xM9jCaqphXzSWfC not found! Registry entries deleted on Reboot...
  8. Jds17
    Et je pense que cette ligne du fichier log est carrément emmerdante: O4 - HKCU\..\Run: [gotnewupdate000.exe] C:\Users\Jds\AppData\Roaming\CC0E03FFE3F92ABD0952B5B9674DF622\gotnewupdate000.exe gotnewupdate000.exe j'ai déjà vu le nom quelquepart, je crois que c'est lié avec AntiMalware Doctor, un programme qui se lance à chaque fois que j'allume mon PC, qui est apparu y'a 2 jours en même temps que les pages internet explorer ont commencé à s'ouvrir. Pour le fermer je suis obligé de passer par le gestionnaire des tâches, et quand je le ferme ça me met gotnewupdate000.exe a cessé de fonctionner, windows recherche une solution au problème. Voilà, bonne soirée/nuit.
  9. Jds17
    Voilà j'ai fait l'analyse complète, en branchant ma clé USB, je m'y connais pas trop mais y'avais l'air d'y avoir des trucs pourris dessus. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4169 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 05/06/2010 03:02:15 mbam-log-2010-06-05 (03-02-15).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|) Elément(s) analysé(s): 249615 Temps écoulé: 1 heure(s), 32 minute(s), 12 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 5 Valeur(s) du Registre infectée(s): 6 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsfe8owijfisjhgs7ye39gjsoighsd7y3eu (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsfg9w8gujsokgahi8gysgnsdgefshyjy (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mcexecwin (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qzaib7kitk (Trojan.FakeAlert) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\ProgramData\Update\seupd.exe (Trojan.Clicker) -> Quarantined and deleted successfully. C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat (Trojan.Dropper) -> Delete on reboot. C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully. --------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:10:45, on 05/06/2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18444) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\Explorer.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\Taskmgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wuauclt.exe C:\Users\Jds\Desktop\HiJackThis.exe C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [gotnewupdate000.exe] C:\Users\Jds\AppData\Roaming\CC0E03FFE3F92ABD0952B5B9674DF622\gotnewupdate000.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- End of file - 8248 bytes Merci encore !
  10. Jds17
    J'me fais l'analyse et le log. Je posterai dés que c'est terminé. Merci
  11. Jds17
    Merci d'avoir répondu si vite ! J'ai tout fait et voilà les 2 rapports. . ======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 19/05/10 à 19:20 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 00:51:55 le 05/06/2010 | Mode normal | Option: SCAN Exécuté de: C:\Ad-Remover\ADR.exe SE: Microsoft® Windows Vista™ Édition Familiale Premium (Service Pack 1 - X86) Nom du PC: PC-DE-JDS (SAMSUNG ELECTRONICS CO., LTD. R610) Utilisateur actuel: Jds . ============== ÉLÉMENT(S) TROUVÉ(S) ============== . . C:\Program Files\AskBarDis C:\Program Files\Mozilla FireFox\Components\AskSearch.js C:\Users\Jds\AppData\Roaming\Mozilla\FireFox\Profiles\onrq6ibg.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} C:\Users\Jds\AppData\Roaming\Mozilla\FireFox\Profiles\onrq6ibg.default\searchplugins\ask.xml . HKCU\Software\AppDataLow\AskBarDis HKCU\Software\AskBarDis HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\Classes\AskIBar.PopSwatterBarButton HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1 HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1 HKLM\Software\Classes\AskToolBar.SettingsPlugin HKLM\Software\Classes\AskToolBar.SettingsPlugin.1 HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f} HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2} HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E} HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60} HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf} HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1 HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98} HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98} . . ============== SCAN ADDITIONNEL ============== . * Mozilla FireFox Version 3.0.19 (fr) * . C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.download.dir: C:\\Users\\Jds\\Downloads C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.download.lastDir: C:\\Users\\Jds\\Desktop C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.search.defaultenginename: Ask C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.search.selectedEngine: Ask C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/ C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.0.19 C:\Users\Jds\..\onrq6ibg.default\prefs.js - keyword.URL: hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q= . TROUVÉ: C:\Users\Jds\..\onrq6ibg.default\prefs.js - user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q={searchTerms}&crm=1"); TROUVÉ: C:\Users\Jds\..\onrq6ibg.default\prefs.js - user_pref("keyword.URL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q="); . * Internet Explorer Version 7.0.6001.18000 * . [HKCU\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://www.startpagey.com Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Show_ToolBar: yes Start Page: hxxp://www.google.fr/ Use Search Asst: no . [HKLM\Software\Microsoft\Internet Explorer\Main] . AutoHide: yes Default_Page_URL: hxxp://www.startpagey.com Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: %SystemRoot%\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://www.startpagey.com Use Search Asst: no . [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm . ======================================== . C:\Ad-Remover\Quarantine: 0 Fichier(s) C:\Ad-Remover\Backup: 1 Fichier(s) . C:\Ad-Report-SCAN[1].txt - 5228 Octet(s) . Fin à: 00:55:08, 05/06/2010 . ============== E.O.F - SCAN[1] ============== . ======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 ======= . Mis à jour par C_XX le 19/05/10 à 19:20 Contact: AdRemover.contact@gmail.com Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html . Lancé à: 00:56:55 le 05/06/2010 | Mode normal | Option: CLEAN Exécuté de: C:\Ad-Remover\ADR.exe SE: Microsoft® Windows Vista™ Édition Familiale Premium (Service Pack 1 - X86) Nom du PC: PC-DE-JDS (SAMSUNG ELECTRONICS CO., LTD. R610) Utilisateur actuel: Jds . ============== ÉLÉMENT(S) NEUTRALISÉ(S) ============== . . C:\Program Files\AskBarDis C:\Program Files\Mozilla FireFox\Components\AskSearch.js C:\Users\Jds\AppData\Roaming\Mozilla\FireFox\Profiles\onrq6ibg.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} C:\Users\Jds\AppData\Roaming\Mozilla\FireFox\Profiles\onrq6ibg.default\searchplugins\ask.xml (!) -- Fichiers temporaires supprimés. . HKCU\Software\AppDataLow\AskBarDis HKCU\Software\AskBarDis HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\Classes\AskIBar.PopSwatterBarButton HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1 HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1 HKLM\Software\Classes\AskToolBar.SettingsPlugin HKLM\Software\Classes\AskToolBar.SettingsPlugin.1 HKLM\Software\Classes\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f} HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2} HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E} HKLM\Software\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60} HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf} HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b} HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362} HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA} HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9} HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742} HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150} HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2} HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1 HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98} HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98} . . ============== SCAN ADDITIONNEL ============== . * Mozilla FireFox Version 3.0.19 (fr) * . C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.download.dir: C:\\Users\\Jds\\Downloads C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.download.lastDir: C:\\Users\\Jds\\Desktop C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.search.defaultenginename: Ask C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.search.selectedEngine: Ask C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr/ C:\Users\Jds\..\onrq6ibg.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.0.19 C:\Users\Jds\..\onrq6ibg.default\prefs.js - keyword.URL: hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q= . EFFACÉ: C:\Users\Jds\..\onrq6ibg.default\prefs.js - user_pref("extensions.snipit.chromeURL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q={searchTerms}&crm=1"); EFFACÉ: C:\Users\Jds\..\onrq6ibg.default\prefs.js - user_pref("keyword.URL", "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101699&gct=&gc=1&q="); . * Internet Explorer Version 7.0.6001.18000 * . [HKCU\Software\Microsoft\Internet Explorer\Main] . Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no . [HKLM\Software\Microsoft\Internet Explorer\Main] . AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Enable Browser Extensions: yes Local Page: %SystemRoot%\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ Use Search Asst: no . [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] . Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm . ======================================== . C:\Ad-Remover\Quarantine: 23 Fichier(s) C:\Ad-Remover\Backup: 16 Fichier(s) . C:\Ad-Report-CLEAN[1].txt - 5504 Octet(s) C:\Ad-Report-SCAN[1].txt - 5352 Octet(s) . Fin à: 00:59:46, 05/06/2010 . ============== E.O.F - CLEAN[1] ============== Voilà. Merci d'avance !
  12. Jds17
    Bonjour, depuis 2 jours alors que je n'utilise que Firefox, j'ai des pages internet explorer vers des sites étrangers qui s'ouvrent. L'analyse antivirus complète n'ayant rien changée, j'ai fait une analyse avec HiJackThis. Quelqu'un peut-il m'aider à trouver s'il y a des lignes anormales ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:23:58, on 05/06/2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18444) Boot mode: Normal Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Users\Jds\AppData\Local\Temp\Ng0.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\Taskmgr.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Jds\Downloads\HiJackThis.exe C:\Users\Jds\AppData\Local\Temp\Ng1.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpagey.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagey.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [gotnewupdate000.exe] C:\Users\Jds\AppData\Roaming\CC0E03FFE3F92ABD0952B5B9674DF622\gotnewupdate000.exe O4 - HKCU\..\Run: [M5T8QL3YW3] C:\Users\Jds\AppData\Local\Temp\Ng1.exe O4 - HKCU\..\Run: [mcexecwin] rundll32.exe C:\Users\Jds\AppData\Local\Temp\umneawm9db.dll, RestoreWindows O4 - HKCU\..\Run: [hsfe8owijfisjhgs7ye39gjsoighsd7y3eu] C:\Users\Jds\AppData\Local\Temp\idrvwsnjom.exe O4 - HKCU\..\Run: [hsfg9w8gujsokgahi8gysgnsdgefshyjy] C:\Users\Jds\AppData\Local\Temp\nvsvc32.exe O4 - HKCU\..\Run: [QZAIB7KITK] C:\Users\Jds\AppData\Local\Temp\Ng0.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- End of file - 9281 bytes Merci d'avance !
×
×
  • Créer...