Sapidou

  1. Hi Thanos, I disabled most of the add-ons that I did not consider essential, but in my haste it did not occur to me to note down their names.
  2. Hi, As JulesetVince31 so rightly pointed out in his post, it was a Firefox add-on that was causing the redirection. Thanks again to Thanos for doing everything he could to help me.
  3. Hi, Here is the requested report.
  4. Hi, My problem is identical to jorys31's, which is very well described in his message: When I open Firefox, I go to a site and a few seconds later a blank page opens with "Advertise here" in blue at the top left and "Skip This ad" on the right. I click on Skip this ad to get out of it, but a few moments later the same page is displayed again. This process repeats 4 or 5 times and then it is over; it does not happen again! I noticed that this phenomenon occurred every time the date changes. You only need to change the date and the phenomenon recurs 4 or 5 times, then it is over. That is why I had replied that the PC was working normally. I did not suspect that the same problem would recur the next day. Thanks again for your help.
  5. Hi, As of today, the problem has still not been resolved.
  6. Hi, Here is the new report requested. Thanks again for your patience and your help.
  7. Good evening. I think I copied the report in full. Here it is once again:
     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 08:10:10, on 09/11/10
     Platform: Unknown Windows (WinNT 6.01.3504)
     MSIE: Internet Explorer v9.00 (9.00.7930.16406)
     Boot mode: Normal
     Running processes:
     C:\Windows\system32\taskhost.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\Explorer.EXE
     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     C:\Windows\RtHDVCpl.exe
     C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
     C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
     C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
     C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
     C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
     C:\Windows\system32\wbem\unsecapp.exe
     D:\Programmes\Avira\AntiVir Desktop\avgnt.exe
     C:\Program Files\Windows Sidebar\sidebar.exe
     D:\Programmes\Internet Download Manager\IDMan.exe
     C:\Program Files\Salaat Time\SalaatTime.exe
     D:\Programmes\ManicTime\ManicTime.exe
     C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
     D:\Programmes\Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
     D:\Programmes\SuperCopier2\SuperCopier2.exe
     D:\Programmes\Microsoft Office\Office14\MSOSYNC.EXE
     C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
     D:\Programmes\FSL_Launcher\FSL_Launcher.exe
     D:\Programmes\Microsoft Office\Office14\ONENOTEM.EXE
     C:\Windows\explorer.exe
     C:\Users\Mohamed\Desktop\HiJackThis.exe
     O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
     O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
     O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
     -- End of file - 1787 bytes
     Note that in Notepad, the last line is line 39. Is there a problem somewhere?
  8. Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 08:10:10, on 09/11/10
     Platform: Unknown Windows (WinNT 6.01.3504)
     MSIE: Internet Explorer v9.00 (9.00.7930.16406)
     Boot mode: Normal
     Running processes:
     C:\Windows\system32\taskhost.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\Explorer.EXE
     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     C:\Windows\RtHDVCpl.exe
     C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
     C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
     C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
     C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
     C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
     C:\Windows\system32\wbem\unsecapp.exe
     D:\Programmes\Avira\AntiVir Desktop\avgnt.exe
     C:\Program Files\Windows Sidebar\sidebar.exe
     D:\Programmes\Internet Download Manager\IDMan.exe
     C:\Program Files\Salaat Time\SalaatTime.exe
     D:\Programmes\ManicTime\ManicTime.exe
     C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
     D:\Programmes\Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE
     D:\Programmes\SuperCopier2\SuperCopier2.exe
     D:\Programmes\Microsoft Office\Office14\MSOSYNC.EXE
     C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
     D:\Programmes\FSL_Launcher\FSL_Launcher.exe
     D:\Programmes\Microsoft Office\Office14\ONENOTEM.EXE
     C:\Windows\explorer.exe
     C:\Users\Mohamed\Desktop\HiJackThis.exe
     O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
     O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
     O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
     -- End of file - 1787 bytes
  9. Hi, I have just posted the two requested reports. I apologize, I don't really know how to use this forum. As for the PC, it is working normally. Thanks again for your help!
  10. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-11-08.01) Microsoft Windows 7 Édition Intégrale Boot Device: \Device\HarddiskVolume2 Install Date: 11/07/10 19:25:30 System Uptime: 11/08/10 21:04:10 (2136 hours ago) Motherboard: Acer | | Makalu Processor: Intel® Core2 Duo CPU T6400 @ 2.00GHz | U2E1 | 2000/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 144 GiB total, 67,907 GiB free. D: is FIXED (NTFS) - 144 GiB total, 120,265 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP224: 20/10/10 21:48:49 - Configured Version d'évaluation de Microsoft Office Professionnel 2010 RP225: 20/10/10 21:53:21 - Removed Microsoft Office Professionnel 2010 RP227: 20/10/10 22:23:59 - Installed Version d'évaluation de Microsoft Office Professionnel 2010 RP228: 20/10/10 22:32:34 - Installed Version d'évaluation de Microsoft Office Professionnel 2010 RP229: 21/10/10 16:21:00 - Installed Version d'évaluation de Microsoft Office Professionnel Plus 2010 RP230: 22/10/10 09:29:01 - Windows Update RP231: 23/10/10 12:48:45 - Windows Update RP232: 23/10/10 13:50:01 - Nitro PDF Reader supprimé RP233: 26/10/10 08:58:08 - Installed ManicTime RP234: 26/10/10 20:22:50 - Windows Update RP235: 26/10/10 21:50:50 - Windows Update RP236: 26/10/10 21:55:38 - Windows Update RP237: 29/10/10 07:24:50 - Windows Update RP238: 30/10/10 10:47:48 - Removed Java 6 Update 21 RP239: 03/11/10 09:53:47 - Windows Update RP240: 04/11/10 08:09:59 - Windows Update RP241: 05/11/10 15:12:58 - Windows Update ==== Installed Programs ====================== ABB Image Icon Converter 5.1 Acer Arcade Deluxe Acer Crystal Eye Webcam Acer eAudio Management Acer eDataSecurity Management Acer Empowering Technology Acer ePower Management Acer eRecovery Management Acer eSettings Management Acer GameZone Console 2.0.1.1 Acer GridVista Acer Mobility Center Plug-In Acer ScreenSaver 
Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.4.0 - Français Adobe Shockwave Player 11.5 Agatha Christie Death on the Nile Alice Greenfingers Apple Application Support Apple Software Update Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver µTorrent Audacity 1.3.12 (Unicode) Avira AntiVir Personal - Free Antivirus Azada Backspin Billiards Bejeweled 2 Deluxe Big Kahuna Reef Bled Pour Tous Bricks of Egypt Bridge Baron 20 Français Caesar IV Caesar IV Demo Cake Mania Cake Mania - Lights Camera Action CCleaner Chicken Invaders 3 Contrôle ActiveX Windows Live Devices pour connexions à distance Crystal Reports for Visual Studio D3DX10 Definition update for Microsoft Office 2010 (KB982726) Dictionnaire Français Diner Dash Flo on the Go Dotfuscator Software Services - Community Edition - FRA Feedback Tool Fichiers de support d'installation de Microsoft SQL Server 2008 Football Manager 2010 Free Mp3 Wma Converter V 1.91 Funbridge2 GIMP 2.6.10 Glary Utilities 2.29.0.1032 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Google Earth HDAUDIO Soft Data Fax Modem with SmartCP HP PrecisionScan LTX ImageConverter Plus 8.0 Infra. d'app. 
de la couche Données Microsoft SQL Server 2008 R2 Intel® Matrix Storage Manager Internet Download Manager Jewel Quest Solitaire Kick N Rush Launch Manager Le Petit Robert 2010 Learn to Play Bridge LightScribe 1.4.142.1 Logiciel d'archivage WinRAR Mah Jong Quest III Balance of Life Mahjong Escape Ancient China Mahjong Escape Ancient Japan MahJong Quest II Deluxe Mahjongg Artifacts 2 Malwarebytes' Anti-Malware ManicTime Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile FRA Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended FRA Language Pack Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - FRA Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - FRA Microsoft Encarta 2009 - Collection Microsoft Expression Blend 3 Microsoft Expression Blend 3 SDK Microsoft Expression Design 3 Microsoft Expression Encoder 3 Microsoft Expression Studio 3 Microsoft Expression Web 3 Microsoft Expression Web 3 SP1 Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Help Viewer 1.0 Microsoft Help Viewer 1.0 Language Pack - FRA Microsoft Office Access MUI (French) 2010 Microsoft Office Excel MUI (French) 2010 Microsoft Office Groove MUI (French) 2010 Microsoft Office InfoPath MUI (French) 2010 Microsoft Office OneNote MUI (French) 2010 Microsoft Office Outlook MUI (French) 2010 Microsoft Office PowerPoint MUI (French) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Professionnel Plus 2010 Microsoft Office Proof (Arabic) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (French) 2010 Microsoft Office Publisher MUI (French) 2010 Microsoft 
Office Shared MUI (French) 2010 Microsoft Office Word MUI (French) 2010 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 3 SDK - Français Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server Compact 3.5 SP2 FRA Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x86) fr Microsoft Sync Framework SDK v1.0 SP1 fr Microsoft Sync Framework Services v1.0 SP1 (x86) fr Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) fr Microsoft Team Foundation Server 2010 Object Model - FRA Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual Studio 2010 Office Developer Tools (x86) Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - FRA Microsoft Visual Studio 2010 Professional - FRA Microsoft Visual Studio 2010 Professional - Français Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA Microsoft Visual Studio Macro Tools Microsoft Visual Studio Macro Tools - FRA Language Pack Microsoft Works Mise à jour pour Microsoft Outlook Social Connector (KB2289116) Modèle objet Microsoft Team Foundation Server 2010 - Français Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA Module linguistique Microsoft .NET Framework 4 Client Profile 
FRA Module linguistique Microsoft .NET Framework 4 Extended FRA Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA Mozilla Firefox (3.6.12) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyHeritage Family Tree Builder MySQL Connector/ODBC 3.51 Mystery Case Files - Huntsville Mystery Solitaire - Secret Island Notification de cadeaux MSN NVIDIA Drivers Objets de gestion Microsoft SQL Server 2008 R2 OpenOffice.org 3.2 Outils Microsoft Visual Studio 2010 ADO.NET Entity Framework PC Chrono 1.1.0.6 Personal Translator 2008 Professional English French PhotoNow! Picasa 3 Pixillion Image Converter PVSonyDll QuickTime RadioSure Readiris Pro 11 Mr.Underground Edition Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Revo Uninstaller 1.89 Salaat Time 2.0 Sandlot Games Client Services 1.2.2 Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft Word 2010 (KB2345000) Service Pack 1 pour SQL Server 2008 (KB968369) Skype Toolbars Skype™ 5.0 SolSuite 2010 v10.5 Sql Server Customer Experience Improvement Program SuperCopier2 Synaptics Pointing Device Driver SYSTRAN The Treasures of Mystery Island: The Gates of Fate UltraEdit 16.20 Update for Microsoft Office 2010 (KB2202188) Update for Microsoft OneNote 2010 (KB2288640) Update for Microsoft Outlook Social Connector (KB2289116) Update for Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (KB982305) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA VLC media player 1.1.4 Web Deployment Tool WIDCOMM Bluetooth Software 6.0.1.6400 Winbond CIR Device Drivers Windows Live Bêta Windows Live Communications Platform Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Photo Common Windows Live Photo Common Beta Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Media Player Firefox 
Plugin WinHTTrack Website Copier 3.43-9C WPF Toolkit June 2009 (Version 3.5.40619.1) Zuma Deluxe ==== End Of File =========================== DDS (Ver_10-11-08.01) - NTFSx86 Run by Mohamed at 21:12:09,64 on 08/11/10 Internet Explorer: 9.0.7930.16406 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3067.1899 [GMT 1:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe D:\Programmes\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork D:\Programmes\Avira\AntiVir Desktop\avguard.exe C:\Windows\system32\taskhost.exe D:\Programmes\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\conhost.exe C:\Windows\Explorer.EXE C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe C:\Program Files\Acer\Empowering Technology\Service\ETService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Acer\Mobility Center\MobilityService.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\wbem\wmiprvse.exe 
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Users\Mohamed\AppData\Local\Temp\RtkBtMnt.exe D:\Programmes\Avira\AntiVir Desktop\avgnt.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe D:\Programmes\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\system32\wbem\unsecapp.exe D:\Programmes\FSL_Launcher\FSL_Launcher.exe D:\Programmes\Internet Download Manager\IEMonitor.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Mohamed\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://google.fr/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://search.myheritage.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: H - No File BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - d:\programmes\internet download manager\IDMIECC.dll BHO: MHTBPos00 Class: {0c37b053-fd68-456a-82e1-d788ee342e6f} - c:\program files\family toolbar\tbcore3.dll BHO: 
Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\progra~1\micros~1\office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - d:\progra~1\micros~1\office14\URLREDIR.DLL BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Family Toolbar: {fd2fd708-1f6f-4b68-b141-c5778f0c19bb} - c:\program files\family toolbar\tbcore3.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [iDMan] d:\programmes\internet download manager\IDMan.exe /onboot uRun: [salaatTime] c:\program files\salaat time\SalaatTime.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [ManicTime] d:\programmes\manictime\ManicTime.exe /minimized /name: uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler uRun: [E09FXLRD_4237033] "d:\programmes\encarta\microsoft encarta 2009 - collection dvd\EDICT.EXE" -m uRun: [superCopier2.exe] d:\programmes\supercopier2\SuperCopier2.exe uRun: [OfficeSyncProcess] "d:\programmes\microsoft office\office14\MSOSYNC.EXE" mRun: 
[synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [CLMLServer] "c:\program files\acer arcade deluxe\acer arcade deluxe\kernel\clml\CLMLSvc.exe" mRun: [eAudio] "c:\program files\acer\empowering technology\eaudio\eAudio.exe" mRun: [eDataSecurity Loader] c:\program files\acer\empowering technology\edatasecurity\x86\eDSloader.exe mRun: [ePower_DMC] c:\program files\acer\empowering technology\epower\ePower_DMC.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [LManager] c:\progra~1\launch~1\QtZgAcer.EXE mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [avgnt] "d:\programmes\avira\antivir desktop\avgnt.exe" /min mRun: [bCSSync] "d:\programmes\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript StartupFolder: c:\users\mohamed\appdata\roaming\micros~1\windows\startm~1\programs\startup\fsl_la~1.lnk - d:\programmes\fsl_launcher\FSL_Launcher.exe StartupFolder: c:\users\mohamed\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - d:\programmes\microsoft office\office14\ONENOTEM.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &Envoyer à OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... 
- c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Télécharger avec IDM - d:\programmes\internet download manager\IEExt.htm IE: Télécharger le contenu de video FLV avec IDM - d:\programmes\internet download manager\IEGetVL.htm IE: Télécharger tous les liens avec IDM - d:\programmes\internet download manager\IEGetAll.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\programmes\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - d:\programmes\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\progra~1\micros~1\office14\GROOVEEX.DLL ================= FIREFOX =================== FF - ProfilePath - c:\users\mohamed\appdata\roaming\mozilla\firefox\profiles\70mbwduj.default\ FF - prefs.js: browser.startup.homepage - hxxp://google.fr/ FF 
- prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q= FF - component: c:\program files\mozilla firefox\extensions\{3d0f2817-b22b-4f8f-3691-b8107ffb5512}\components\fff0e614.dll FF - component: c:\users\mohamed\appdata\roaming\idm\idmmzcc3\components\idmmzcc.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll FF - plugin: d:\progra~1\micros~1\office14\NPAUTHZ.DLL FF - plugin: d:\progra~1\micros~1\office14\NPSPWRAP.DLL FF - plugin: d:\programmes\google\picasa3\npPicasa3.dll FF - HiddenExtension: z: No Registry Reference - c:\program files\mozilla firefox\extensions\{3d0f2817-b22b-4f8f-3691-b8107ffb5512} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: network.http.max-persistent-connections-per-server - 4 c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); c:\program files\mozilla firefox\greprefs\all.js 
- pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified ============= SERVICES / DRIVERS =============== R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\playmovie\000.fcl [2010-7-11 61424] R2 AntiVirSchedulerService;Avira AntiVir Planificateur;d:\programmes\avira\antivir desktop\sched.exe [2010-10-13 135336] R2 AntiVirService;Avira AntiVir Guard;d:\programmes\avira\antivir desktop\avguard.exe [2010-10-13 267944] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-10-13 60936] R2 CLHNService;CLHNService;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\CLHNService.exe [2010-7-11 81504] R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2008-11-20 24576] R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2010-7-26 68240] R2 NTIPPKernel;NTIPPKernel;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\NTIPPKernel.sys [2010-7-11 122368] R3 NETw5s32;Pilote de carte Intel® Wireless WiFi Link pour Windows 7 32 bits ;c:\windows\system32\drivers\NETw5s32.sys [2009-9-15 6114816] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-11-21 44064] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336] R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\drivers\winbondcir.sys [2007-3-28 43008] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN 
v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-17 136176] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\programmes\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208] S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel® 5000 Series pour Windows Vista 32 bits;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-12 1343400] S4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128] S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336] S4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936] =============== Created Last 30 ================ 2010-11-07 13:29:37 -------- d-----w- c:\users\mohamed\appdata\roaming\Malwarebytes 2010-11-07 13:29:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-11-07 13:29:30 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-11-07 13:29:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-11-07 13:29:30 -------- d-----w- c:\progra~2\Malwarebytes 2010-11-05 14:13:18 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{ab54276f-a797-4777-93da-98c95cecc362}\mpengine.dll 2010-11-03 10:36:30 -------- d-----w- C:\$RECYCLE.BIN 2010-11-03 10:25:03 98816 ----a-w- c:\windows\sed.exe 2010-11-03 
10:25:03 86528 ----a-w- c:\windows\MBR.exe 2010-11-03 10:25:03 256512 ----a-w- c:\windows\PEV.exe 2010-11-03 10:25:03 161792 ----a-w- c:\windows\SWREG.exe 2010-11-02 18:43:33 -------- d-----w- c:\users\mohamed\FSL 2010-10-29 21:25:28 -------- d-----w- c:\users\mohamed\appdata\roaming\MyHeritage 2010-10-29 21:25:28 -------- d-----w- c:\progra~2\MyHeritage 2010-10-29 21:24:09 -------- d-----w- c:\program files\Family Toolbar 2010-10-29 21:24:08 454656 ----a-w- c:\windows\system32\PaintX.dll 2010-10-29 21:24:08 372736 ----a-w- c:\windows\system32\ijl15.dll 2010-10-29 21:24:08 137000 ----a-w- c:\windows\system32\msmapi32.ocx 2010-10-29 21:24:08 -------- d-----w- c:\users\mohamed\appdata\roaming\The Complete Genealogy Reporter - FTB 2010-10-29 21:23:59 -------- d-----w- C:\MyHeritage 2010-10-29 20:26:32 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL 2010-10-29 20:26:32 183808 ----a-w- c:\windows\system32\BDEADMIN.CPL 2010-10-28 10:36:07 -------- d-----w- c:\users\mohamed\VSWebCache 2010-10-26 19:47:36 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-10-26 19:47:36 417792 ----a-w- c:\windows\system32\msdri.dll 2010-10-26 19:47:36 204288 ----a-w- c:\windows\system32\MSNP.ax 2010-10-26 19:47:36 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2010-10-26 19:23:28 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2010-10-24 21:45:57 180224 ----a-w- c:\windows\system32\cnvshell.dll 2010-10-22 11:50:10 -------- d-----w- c:\users\mohamed\appdata\local\Seven Zip 2010-10-21 15:22:12 -------- d-----w- c:\program files\Microsoft Analysis Services 2010-10-15 18:11:35 327168 ----a-w- c:\windows\IsUn040c.exe 2010-10-15 18:11:22 90112 ----a-w- c:\windows\system32\hpsjvset.dll 2010-10-15 18:11:22 40960 ----a-w- c:\windows\system32\hpgmausd.dll 2010-10-15 18:11:22 102400 ----a-w- c:\windows\system32\hpgmastr.dll 2010-10-14 23:44:02 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-10-14 19:19:27 94208 ----a-w- c:\program files\internet explorer\fr\iediag.resources.dll 
2010-10-14 19:11:23 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2010-10-14 19:11:22 804864 ----a-w- c:\windows\system32\FntCache.dll 2010-10-14 19:11:22 737280 ----a-w- c:\windows\system32\d2d1.dll 2010-10-14 19:11:22 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2010-10-14 19:11:22 1076224 ----a-w- c:\windows\system32\DWrite.dll 2010-10-14 19:10:50 279552 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2010-10-14 19:10:50 135168 ----a-w- c:\windows\system32\XpsRasterService.dll 2010-10-14 19:10:16 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2010-10-14 19:09:07 -------- d-----w- c:\program files\Feedback Tool 2010-10-14 07:02:00 164864 ----a-w- c:\program files\windows media player\wmplayer.exe 2010-10-14 07:01:59 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2010-10-14 06:38:56 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe 2010-10-14 06:38:55 1413632 ----a-w- c:\windows\system32\ole32.dll 2010-10-14 06:38:33 109056 ----a-w- c:\windows\system32\t2embed.dll 2010-10-14 06:38:31 224256 ----a-w- c:\windows\system32\schannel.dll 2010-10-14 06:38:21 530432 ----a-w- c:\windows\system32\comctl32.dll 2010-10-14 06:38:18 954752 ----a-w- c:\windows\system32\mfc40.dll 2010-10-14 06:38:18 954288 ----a-w- c:\windows\system32\mfc40u.dll 2010-10-14 06:35:13 2327552 ----a-w- c:\windows\system32\win32k.sys 2010-10-14 06:35:09 310784 ----a-w- c:\windows\system32\drivers\srv.sys 2010-10-14 06:35:09 308736 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-10-14 06:35:09 168448 ----a-w- c:\windows\system32\srvsvc.dll 2010-10-14 06:35:09 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-10-14 06:35:04 738816 ----a-w- c:\windows\system32\wmpmde.dll 2010-10-14 06:35:01 363520 ----a-w- c:\windows\system32\StructuredQuery.dll 2010-10-13 12:56:33 -------- d-----w- c:\users\mohamed\appdata\roaming\ICSharpCode 2010-10-13 09:36:04 -------- d-----w- c:\users\mohamed\appdata\roaming\stetic 2010-10-13 09:35:41 -------- d-----w- 
c:\users\mohamed\appdata\roaming\MonoDevelop 2010-10-13 06:26:07 -------- d-----w- c:\users\mohamed\appdata\roaming\Avira 2010-10-13 06:09:37 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-10-13 06:09:36 -------- d-----w- c:\progra~2\Avira 2010-10-11 12:12:50 -------- d-----w- c:\users\mohamed\InstallAnywhere ==================== Find3M ==================== 2010-10-19 10:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-15 11:16:21 209920 ----a-w- c:\windows\iun3401.exe 2010-09-30 13:28:08 17712 ----a-w- c:\windows\system32\nitrolocalui.dll 2010-09-30 13:28:06 26416 ----a-w- c:\windows\system32\nitrolocalmon.dll 2010-09-08 10:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-09-08 10:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-09-04 17:57:52 7168 ----a-w- c:\windows\system32\Pbpr01sw.dll 2010-08-31 23:46:36 1355264 ----a-w- c:\windows\system32\jscript9.dll 2010-08-31 23:44:32 367104 ----a-w- c:\windows\system32\html.iec 2010-08-31 23:44:30 1448448 ----a-w- c:\windows\system32\inetcpl.cpl 2010-08-31 23:44:24 1122304 ----a-w- c:\windows\system32\wininet.dll 2010-08-31 23:44:06 424960 ----a-w- c:\windows\system32\vbscript.dll 2010-08-31 23:43:22 23552 ----a-w- c:\windows\system32\licmgr10.dll 2010-08-31 23:43:12 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2010-08-31 23:43:12 114176 ----a-w- c:\windows\system32\iesysprep.dll 2010-08-31 23:43:10 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2010-08-31 23:43:10 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2010-08-31 23:42:58 51200 ----a-w- c:\windows\system32\admparse.dll 2010-08-31 23:42:54 75264 ----a-w- c:\windows\system32\iesetup.dll 2010-08-31 23:42:48 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2010-08-31 23:42:42 150016 ----a-w- c:\windows\system32\iexpress.exe 2010-08-31 23:42:42 149504 ----a-w- c:\windows\system32\wextract.exe 2010-08-31 23:42:20 33280 ----a-w- c:\windows\system32\imgutil.dll 2010-08-31 23:42:16 48640 
----a-w- c:\windows\system32\mshtmler.dll 2010-08-31 23:42:12 11264 ----a-w- c:\windows\system32\mshta.exe 2010-08-31 23:42:10 2381824 ----a-w- c:\windows\system32\mshtml.tlb 2010-08-31 23:42:04 63488 ----a-w- c:\windows\system32\tdc.ocx 2010-08-31 23:41:46 160768 ----a-w- c:\windows\system32\msls31.dll 2010-08-21 05:32:37 316928 ----a-w- c:\windows\system32\spoolsv.exe 2010-08-16 10:59:24 53248 ----a-w- c:\windows\system32\unrar.dll 2010-08-13 14:51:40 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2006-10-12 03:09:40 94208 --sh--w- c:\windows\system32\SalaatTime.dll ============= FINISH: 21:13:05,53 ===============
  11. Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 5065

    Windows 6.1.7600
    Internet Explorer 9.0.7930.16406

    07/11/10 16:40:26
    mbam-log-2010-11-07 (16-40-26).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 486791
    Temps écoulé: 2 heure(s), 1 minute(s), 40 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 5
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ad8f456c (Adware.Adrotator) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ASH24SXZ9S (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\KOO9RV9K4Z (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\SMH2B46TDP (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_application (Hijacker.Application) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\System32\ad8f456c.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
    C:\Windows\System32\pnuffepgkhsbomt.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
  12. There! I have just posted the report.

    I am waiting for a reply.

    Thanks

  13. ComboFix 10-11-02.04 - Mohamed 03/11/10 11:27:27.1.2 - x86 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3067.1586 [GMT 1:00] Lancé depuis: c:\users\Mohamed\Desktop\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat c:\users\Mohamed\AppData\Roaming\.# c:\users\Mohamed\AppData\Roaming\.#\MBX@930@3E2998.### c:\users\Mohamed\AppData\Roaming\.#\MBX@930@3E29C8.### c:\users\Mohamed\AppData\Roaming\.#\MBX@930@3E29F8.### c:\users\Mohamed\Documents\Readiris.DUS c:\windows\AUTOLNCH.REG c:\windows\system32\xmlpr0v32a.dll ----- BITS: Il y a peut-être des sites infectés ----- hxxp://wlxindex . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_Boonty Games ((((((((((((((((((((((((((((( Fichiers créés du 2010-10-03 au 2010-11-03 )))))))))))))))))))))))))))))))))))) . 2010-11-03 08:54 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A694F9FE-2AC9-44F9-AFDA-9B6810EAF9BD}\mpengine.dll 2010-11-02 18:43 . 2010-11-02 18:43 -------- d-----w- c:\users\Mohamed\FSL 2010-10-29 21:25 . 2010-10-29 21:36 -------- d-----w- c:\users\Mohamed\AppData\Roaming\MyHeritage 2010-10-29 21:25 . 2010-10-29 21:28 -------- d-----w- c:\programdata\MyHeritage 2010-10-29 21:24 . 2010-10-29 21:24 -------- d-----w- c:\program files\Family Toolbar 2010-10-29 21:24 . 2010-10-29 21:24 -------- d-----w- c:\users\Mohamed\AppData\Roaming\The Complete Genealogy Reporter - FTB 2010-10-29 21:24 . 2003-07-06 12:07 372736 ----a-w- c:\windows\system32\ijl15.dll 2010-10-29 21:24 . 2002-03-06 23:19 454656 ----a-w- c:\windows\system32\PaintX.dll 2010-10-29 21:24 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\msmapi32.ocx 2010-10-29 21:23 . 
2010-10-29 21:24 -------- d-----w- C:\MyHeritage 2010-10-29 20:26 . 1999-11-12 04:11 183808 ----a-w- c:\windows\system32\BDEADMIN.CPL 2010-10-29 20:26 . 1999-01-20 04:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL 2010-10-28 10:36 . 2010-10-28 10:36 -------- d-----w- c:\users\Mohamed\VSWebCache 2010-10-26 19:47 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-10-26 19:47 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll 2010-10-26 19:47 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax 2010-10-26 19:47 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2010-10-26 19:23 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2010-10-24 21:45 . 2009-10-07 19:39 180224 ----a-w- c:\windows\system32\cnvshell.dll 2010-10-24 21:02 . 2010-10-24 21:02 -------- d-----w- c:\programdata\NCH Software 2010-10-24 16:52 . 2010-10-24 16:52 -------- d-----r- C:\MSOCache 2010-10-22 11:50 . 2010-10-22 11:50 -------- d-----w- c:\users\Mohamed\AppData\Local\Seven Zip 2010-10-21 15:22 . 2010-10-21 15:22 -------- d-----w- c:\program files\Microsoft Analysis Services 2010-10-16 20:46 . 2010-10-16 20:46 -------- d-----w- c:\program files\Common Files\Skype 2010-10-15 18:11 . 1998-10-07 12:08 327168 ----a-w- c:\windows\IsUn040c.exe 2010-10-15 18:11 . 2001-08-14 12:24 90112 ----a-w- c:\windows\system32\hpsjvset.dll 2010-10-15 18:11 . 2001-08-03 10:23 40960 ----a-w- c:\windows\system32\hpgmausd.dll 2010-10-15 18:11 . 2000-10-09 17:57 102400 ----a-w- c:\windows\system32\hpgmastr.dll 2010-10-14 23:44 . 2010-10-14 23:44 4280320 ----a-w- c:\windows\system32\GPhotos.scr 2010-10-14 19:19 . 2010-09-01 07:30 94208 ----a-w- c:\program files\Internet Explorer\fr\iediag.resources.dll 2010-10-14 19:11 . 2010-08-16 06:14 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2010-10-14 19:11 . 2010-08-16 06:15 804864 ----a-w- c:\windows\system32\FntCache.dll 2010-10-14 19:11 . 
2010-08-16 06:14 1076224 ----a-w- c:\windows\system32\DWrite.dll 2010-10-14 19:11 . 2010-08-16 06:14 737280 ----a-w- c:\windows\system32\d2d1.dll 2010-10-14 19:11 . 2010-08-16 06:14 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2010-10-14 19:10 . 2010-05-09 09:15 279552 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2010-10-14 19:10 . 2010-05-09 09:15 135168 ----a-w- c:\windows\system32\XpsRasterService.dll 2010-10-14 19:10 . 2010-06-26 05:14 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2010-10-14 19:09 . 2010-10-14 19:09 -------- d-----w- c:\program files\Feedback Tool 2010-10-14 07:02 . 2010-09-01 04:26 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe 2010-10-14 07:01 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2010-10-14 06:38 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe 2010-10-14 06:38 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll 2010-10-14 06:38 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll 2010-10-14 06:38 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll 2010-10-14 06:38 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll 2010-10-14 06:38 . 2010-08-31 04:32 954752 ----a-w- c:\windows\system32\mfc40.dll 2010-10-14 06:38 . 2010-08-31 04:32 954288 ----a-w- c:\windows\system32\mfc40u.dll 2010-10-14 06:35 . 2010-09-01 02:34 2327552 ----a-w- c:\windows\system32\win32k.sys 2010-10-14 06:35 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll 2010-10-14 06:35 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys 2010-10-14 06:35 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-10-14 06:35 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-10-14 06:35 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll 2010-10-14 06:35 . 
2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll 2010-10-13 12:56 . 2010-10-13 17:48 -------- d-----w- c:\users\Mohamed\AppData\Roaming\ICSharpCode 2010-10-13 09:36 . 2010-10-13 09:36 -------- d-----w- c:\users\Mohamed\AppData\Roaming\stetic 2010-10-13 09:35 . 2010-10-15 13:19 -------- d-----w- c:\users\Mohamed\AppData\Roaming\MonoDevelop 2010-10-13 06:26 . 2010-10-13 06:26 -------- d-----w- c:\users\Mohamed\AppData\Roaming\Avira 2010-10-13 06:09 . 2010-08-17 12:39 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-10-13 06:09 . 2010-08-17 12:39 126856 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-10-13 06:09 . 2010-10-13 06:09 -------- d-----w- c:\programdata\Avira 2010-10-11 12:12 . 2010-10-11 12:12 -------- d-----w- c:\users\Mohamed\InstallAnywhere 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\en-US 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\system32\en 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\system32\drivers\en-US 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\system32\ar 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\system32\0409 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\ar-SA 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\system32\drivers\ar-SA 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\system32\drivers\UMDF\en-US 2010-10-09 17:57 . 2010-10-09 17:57 -------- d-----w- c:\windows\system32\drivers\UMDF\ar-SA 2010-10-09 17:56 . 2010-10-14 19:34 -------- d-----w- c:\windows\system32\wbem\en-US 2010-10-09 17:56 . 2010-10-14 19:34 -------- d-----w- c:\windows\system32\wbem\ar-SA 2010-10-09 17:53 . 2009-07-13 17:42 3584 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ar-SA\LXKPTPRC.DLL.mui 2010-10-08 13:58 . 2010-10-08 14:32 -------- d-----w- c:\program files\Readiris Pro 11 2010-10-06 08:11 . 
2010-10-06 08:11 -------- d-----w- c:\users\Mohamed\AppData\Roaming\Nitro PDF 2010-10-06 08:11 . 2010-09-30 13:28 17712 ----a-w- c:\windows\system32\nitrolocalui.dll 2010-10-06 08:11 . 2010-09-30 13:28 26416 ----a-w- c:\windows\system32\nitrolocalmon.dll 2010-10-06 08:09 . 2010-10-06 08:09 -------- d-----w- c:\users\Mohamed\AppData\Roaming\Downloaded Installations 2010-10-04 10:52 . 2010-10-04 10:52 -------- d-----w- c:\users\Mohamed\AppData\Local\Finkit . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-10-19 10:41 . 2010-07-11 17:57 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-15 11:16 . 2010-09-25 21:04 209920 ----a-w- c:\windows\iun3401.exe 2010-09-08 10:17 . 2010-09-08 10:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-09-08 10:17 . 2010-09-08 10:17 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-09-07 20:46 . 2010-09-07 20:46 105388 ----a-w- c:\windows\system32\ad8f456c.exe 2010-09-07 20:45 . 2010-09-07 20:45 64232 ----a-w- c:\windows\system32\pnuffepgkhsbomt.exe 2010-09-04 17:57 . 2010-09-04 17:57 7168 ----a-w- c:\windows\system32\Pbpr01sw.dll 2010-08-26 13:33 . 2010-08-26 13:33 86576 ----a-w- c:\users\Mohamed\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe 2010-08-26 13:33 . 2010-08-26 13:33 392728 ----a-w- c:\users\Mohamed\AppData\Roaming\Microsoft\Services Windows Live\Services Windows Live.dll 2010-08-26 13:33 . 2010-08-26 13:33 132672 ----a-w- c:\users\Mohamed\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe 2010-08-21 05:32 . 2010-09-17 13:11 316928 ----a-w- c:\windows\system32\spoolsv.exe 2010-08-16 10:59 . 2010-08-16 10:59 53248 ----a-w- c:\windows\system32\unrar.dll 2010-08-13 14:51 . 2010-08-13 14:51 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2010-08-10 18:44 . 
2010-08-10 18:44 49016 ----a-w- c:\windows\system32\sirenacm.dll 2006-10-12 03:09 94208 --sh--w- c:\windows\System32\SalaatTime.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}"= "c:\program files\Setuprog\tbSetu.dll" [2010-02-22 2353176] [HKEY_CLASSES_ROOT\clsid\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}] 2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}] 2010-02-22 11:05 2353176 ----a-w- c:\program files\Setuprog\tbSetu.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}"= "c:\program files\Setuprog\tbSetu.dll" [2010-02-22 2353176] "{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432] [HKEY_CLASSES_ROOT\clsid\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}] [HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}] [HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3] [HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] [HKEY_CLASSES_ROOT\MHToolbar.MHToolbar] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{F4EF4468-9BBB-45A1-A2CE-F0C430A9A7E5}"= "c:\program files\Setuprog\tbSetu.dll" [2010-02-22 2353176] [HKEY_CLASSES_ROOT\clsid\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering 
Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2010-07-26 12:09 70776 ----a-w- d:\programmes\Internet Download Manager\IDMShellExt.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "IDMan"="d:\programmes\Internet Download Manager\IDMan.exe" [2010-08-08 3241312] "SalaatTime"="c:\program files\Salaat Time\SalaatTime.exe" [2008-05-16 13496320] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-11 68856] "ManicTime"="d:\programmes\ManicTime\ManicTime.exe" [2010-10-19 582984] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "E09FXLRD_4237033"="d:\programmes\Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.EXE" [2008-05-28 351000] "SuperCopier2.exe"="d:\programmes\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392] "OfficeSyncProcess"="d:\programmes\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896] "RtHDVCpl"="RtHDVCpl.exe" [2008-09-18 6294048] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 167936] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808] "LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" 
[2008-06-04 817672] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-28 13797920] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288] "avgnt"="d:\programmes\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768] "BCSSync"="d:\programmes\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] c:\users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2010 - Capture d'‚cran et lancement.lnk - d:\programmes\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-23 727592] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 136176] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\programmes\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel® 5000 Series pour Windows Vista 32 bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-12 1343400] R4 MSSQLServerADHelper100;Service SQL Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336] R4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424] S2 AntiVirSchedulerService;Avira AntiVir Planificateur;d:\programmes\Avira\AntiVir Desktop\sched.exe [2010-08-17 135336] S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504] S2 ETService;Empowering Technology Service;c:\program 
files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-07-26 68240] S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368] S3 NETw5s32;Pilote de carte Intel® Wireless WiFi Link pour Windows 7 32 bits ;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-06-25 44064] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008] --- Autres Services/Pilotes en mémoire --- *Deregistered* - UBHelper . Contenu du dossier 'Tâches planifiées' 2010-11-03 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2010-09-03 20:55] 2010-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 19:57] 2010-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-07-17 19:57] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://search.myheritage.com uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://search.myheritage.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Télécharger avec IDM - d:\programmes\Internet Download Manager\IEExt.htm IE: Télécharger le contenu de video FLV avec IDM - d:\programmes\Internet Download Manager\IEGetVL.htm IE: Télécharger tous les liens avec IDM - d:\programmes\Internet Download Manager\IEGetAll.htm Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL FF - ProfilePath - c:\users\Mohamed\AppData\Roaming\Mozilla\Firefox\Profiles\70mbwduj.default\ FF - prefs.js: browser.startup.homepage - hxxp://google.fr/ FF - prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q= FF - component: c:\program files\Mozilla Firefox\extensions\{3d0f2817-b22b-4f8f-3691-b8107ffb5512}\components\fff0e614.dll FF - component: c:\users\Mohamed\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: d:\progra~1\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: d:\progra~1\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: d:\programmes\Google\Picasa3\npPicasa3.dll ---- PARAMETRES FIREFOX ---- FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: network.http.max-persistent-connections-per-server - 4 c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified c:\program files\Mozilla 
Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHELINS SUPPRIMES - - - - BHO-{490589b0-6d6c-0ff2-d460-b18f9b642010} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) ShellExecuteHooks-{5ECD31F0-F91A-11d4-B3CA-00D0B70A09D2} - WDShell [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1661148129-1578780410-3629880296-1000\Software\SecuROM\!CAUTION! 
NEVER A OR CHANGE ANY KEY*] "??"=hex:68,76,ef,f0,30,f2,7f,3d,fd,9c,87,10,ba,c7,c5,a4,70,3d,73,61,37,39,df, c6,40,88,f9,1e,8b,02,9a,31,0e,13,da,27,44,b8,bc,b4,bf,a0,2e,22,02,dc,da,6d,\ "??"=hex:c3,0c,33,ac,a5,fc,e0,6f,43,b2,4f,a9,36,32,05,23 [HKEY_USERS\S-1-5-21-1661148129-1578780410-3629880296-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):69,b7,7f,d4,e3,a7,3e,6e,90,6e,7b,a0,14,5b,82,3b,0b,be,7a,d4,76, 30,56,c0,1d,0c,5b,92,29,63,ab,76,cc,92,6e,04,2f,1b,db,8a,00,00,00,00,00,00,\ [HKEY_USERS\S-1-5-21-1661148129-1578780410-3629880296-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):4b,e6,38,a2,f4,4a,bb,f8,0a,fc,7c,74,14,62,9f,e1,89,5d,35,af,d2, 3c,77,8c,84,7d,82,a9,6c,0c,8a,84,b2,9d,cf,c9,2f,43,c1,de,00,00,00,00,00,00,\ [HKEY_USERS\S-1-5-21-1661148129-1578780410-3629880296-1000_Classes\CLSID\{c1a4a4f1-d205-45d1-be4b-41fd221bc167}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:00000119 "Therad"=dword:00000006 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ [HKEY_USERS\S-1-5-21-1661148129-1578780410-3629880296-1000_Classes\CLSID\{feb9ff69-86ba-4cb1-8def-9158eb67b9a4}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000d4 "Therad"=dword:0000002a "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,85,b1,12,f9,90,dd,23,a1,a2,56,5d,f3,13,26,b2,34,1d,82,d3,1c,f3,48,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(1880) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\windows\system32\btncopy.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\windows\system32\nvvsvc.exe c:\windows\system32\nvvsvc.exe d:\programmes\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\taskhost.exe d:\programmes\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\conhost.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Heure de fin: 2010-11-03 11:41:38 - La machine a redémarré ComboFix-quarantined-files.txt 2010-11-03 10:41 Avant-CF: 73 754 329 088 octets libres Après-CF: 73 438 236 672 octets libres - - End Of File - - D515D17944656FAC19E5B2C8A076F060
  14. How do I get rid of it? I used ComboFix. I have the report. Who exactly should I send it to? Thanks for your help. Sapidou