Aller au contenu

Zetsuharu

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    9

  • Inscription

  • Dernière visite

Zetsuharu's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Zetsuharu
    On ne m'a toujours pas répondu depuis le 14 novembre... http://forum.zebulon.fr/probleme-ecran-noir-t180949.html&p=1520196&fromsearch=1?do=findComment&comment=1520196
  2. Zetsuharu
    Bonjour à tous, je crois que l'on m'a oublié.. Ou peut-être ai-je posté dans la mauvaise section ><" Voici le lien http://forum.zebulon.fr/probleme-ecran-noir-t180949.html Merci.
  3. Zetsuharu
    Bonsoir, j'ai un petit problème avec mon ordinateur portable. De temps en temps lorsque je suis sur un jeu ou en train de regarder un film, l'ordinateur freeze quelques secondes puis l'écran devient noir mais j'entends toujours le son. Voici mon rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:27:13, on 13/11/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21293) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre6\bin\jusched.exe E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Pando Networks\Media Booster\PMB.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\HiJackThis.exe C:\Program Files\Garena\Garena.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Garena - Connecting world gamers R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Ultimate Edition R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: ;Tag&rename O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 10360 bytes Merci d'avance pour votre aide.
  4. Zetsuharu
    Tout va bien, je ne vois plus les liens infomoneyservice dans l'historique. Merci pour votre aide.
  5. Zetsuharu
    Voila le rapport de combofix : ComboFix 10-11-10.03 - Admin 11/11/2010 16:28:58.3.1 - x86 MINIMAL Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.511.254 [GMT 1:00] Lancé depuis: C:\Documents and Settings\Admin\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\config.ini C:\WINDOWS\picture.exe . \\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected . \\.\PhysicalDrive0 - Bootkit Sinowal was found and disinfected . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_BOONTY_GAMES -------\Service_Boonty Games ((((((((((((((((((((((((((((( Fichiers créés du 2010-10-11 au 2010-11-11 )))))))))))))))))))))))))))))))))))) . 2010-11-10 16:57:25 . 2010-11-10 16:57:25 -------- d-----w- C:\Documents and Settings\Admin\Application Data\Malwarebytes 2010-11-10 16:56:56 . 2010-04-29 14:39:38 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-11-10 16:56:54 . 2010-11-10 16:56:54 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-11-10 16:56:53 . 2010-11-10 16:57:01 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2010-11-10 16:56:53 . 2010-04-29 14:39:26 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-10-10 19:10:51 . 2010-10-10 19:10:51 2829 ----a-w- C:\WINDOWS\War3Unin.pif 2010-10-10 19:10:51 . 2010-10-10 19:10:51 139264 ----a-w- C:\WINDOWS\War3Unin.exe 2006-05-03 09:06:54 163328 --sh--r- C:\WINDOWS\system32\flvDX.dll 2007-02-21 10:47:16 31232 --sh--r- C:\WINDOWS\system32\msfDX.dll 2008-03-16 12:30:52 216064 --sh--r- C:\WINDOWS\system32\nbDX.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] 2009-10-15 08:53:58 165184 ----a-w- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 15:44:52 3883856] "AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-10-08 10:01:32 107864] "Connexion SFR 9props.exe"="C:\Program Files\SFR\Kit\9props.exe" [2009-10-15 08:53:54 959808] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:54:50 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-03-27 15:34:58 53248] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-09-16 07:08:51 149280] "Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-06 21:31:08 524632] "Autoconfigurateur WiFi SFR"="C:\Program Files\SFR\Kit\WiFi\9wifi.exe" [2009-10-15 08:54:06 357696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 22:54:50 15360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^Admin^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk] path=C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Admin^Menu Démarrer^Programmes^Démarrage^Personal Player.lnk] path=C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage\Personal Player.lnk backup=C:\WINDOWS\pss\Personal Player.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOK - Xchanger.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\AOK - Xchanger.lnk backup=C:\WINDOWS\pss\AOK - Xchanger.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GamersFirst LIVE!.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\GamersFirst LIVE!.lnk backup=C:\WINDOWS\pss\GamersFirst LIVE!.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^hamachi.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\hamachi.lnk backup=C:\WINDOWS\pss\hamachi.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Macro Express 3.lnk] path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Macro Express 3.lnk backup=C:\WINDOWS\pss\Macro Express 3.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-01-11 21:16:38 39792 ----a-w- L:\Program Files\Adobe Reader 8.1.2\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] 2005-05-03 19:05:00 344064 -c--a-w- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] 2009-11-07 19:48:04 323392 ----a-w- C:\Program Files\DNA\btdna.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner] 2008-03-25 09:48:28 906480 ----a-w- C:\Program Files\CCleaner\CCleaner.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2004-08-03 22:54:50 15360 ----a-w- C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2009-04-23 13:51:38 691656 ----a-w- C:\Program Files\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp] 2002-08-14 13:21:28 94208 -c--a-w- C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-01-24 10:32:28 2289664 ----a-w- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2009-07-26 15:44:52 3883856 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2010-05-13 15:57:20 26192168 ----a-r- C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperCopier.exe] 2003-04-24 22:03:26 683520 -c--a-w- C:\Program Files\SuperCopier\SuperCopier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh] 2008-09-26 17:14:06 3660848 ----a-w- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager] 2007-08-30 15:43:18 4670704 ----a-w- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\BitComet\\BitComet.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "C:\\WINDOWS\\system32\\dplaysvr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\Program Files\\adslTV\\vlc.exe"= "C:\\WINDOWS\\system32\\dpnsvr.exe"= "C:\\Program Files\\DNA\\btdna.exe"= "C:\\Program Files\\mIRC\\mirc.exe"= "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Opera\\opera.exe"= "C:\\Program Files\\SAMSUNG\\Samsung New PC Studio\\npsasvr.exe"= "C:\\Program Files\\SAMSUNG\\Samsung New PC Studio\\npsvsvr.exe"= "C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "19664:TCP"= 19664:TCP:BitComet 19664 TCP "19664:UDP"= 19664:UDP:BitComet 19664 UDP "6900:TCP"= 6900:TCP:*:Disabled:login-server "5121:TCP"= 5121:TCP:*:Disabled:map-server "6121:TCP"= 6121:TCP:*:Disabled:char-server "13557:TCP"= 13557:TCP:BitComet 13557 TCP "13557:UDP"= 13557:UDP:BitComet 13557 UDP "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 "5911:TCP"= 5911:TCP:Worms4 "28900:TCP"= 28900:TCP:Worms4 "29900:TCP"= 29900:TCP:Worms4 "29901:TCP"= 29901:TCP:Worms4 "5911:UDP"= 5911:UDP:Worms4 "6500:UDP"= 6500:UDP:Worms4 "13139:UDP"= 13139:UDP:Worms4 "27900:UDP"= 27900:UDP:Worms4 "3389:TCP"= 3389:TCP:Remote Desktop "19086:TCP"= 19086:TCP:BitComet 19086 TCP "19086:UDP"= 19086:UDP:BitComet 19086 UDP "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services "2479:TCP"= 2479:TCP:Services "3246:TCP"= 3246:TCP:Services "5560:TCP"= 5560:TCP:Services "9620:TCP"= 9620:TCP:Services "7321:TCP"= 7321:TCP:Services "7320:TCP"= 7320:TCP:Services "7984:TCP"= 7984:TCP:Services "4742:TCP"= 4742:TCP:Services R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [14/02/2009 22:30:35 64160] R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [19/09/2006 16:32:21 721904] R1 GhPciScan;GhostPciScanner;C:\Program Files\Symantec\Norton Ghost 2003\GhPciScan.sys [14/08/2002 14:11:16 5632] R1 SLEE_16_DRIVER;Steganos Live Encryption Engine 16 [Driver];C:\WINDOWS\system32\drivers\sleen16.sys [11/10/2007 11:24:00 79104] R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [30/06/2010 15:45:38 238952] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34:37 1029456] R2 litsgt;litsgt;C:\WINDOWS\system32\drivers\litsgt.sys [23/04/2006 10:31:59 137344] R2 tansgt;tansgt;C:\WINDOWS\system32\drivers\tansgt.sys [23/04/2006 10:31:58 12032] R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [30/06/2010 15:45:38 36608] S2 gupdate;Service Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [23/05/2010 12:06:15 136176] S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;"L:\Program Files\LogMeInHamachi\hamachi-2.exe" -s --> L:\Program Files\LogMeInHamachi\hamachi-2.exe [?] S3 GarenaPEngine;GarenaPEngine;\??\C:\DOCUME~1\Admin\LOCALS~1\Temp\OWD59.tmp --> C:\DOCUME~1\Admin\LOCALS~1\Temp\OWD59.tmp [?] S3 GGSAFERDriver;GGSAFER Driver;\??\C:\Program Files\Garena\plugins\UI\safedrv.sys --> C:\Program Files\Garena\plugins\UI\safedrv.sys [?] S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\system32\GameMon.des -service --> C:\WINDOWS\system32\GameMon.des -service [?] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [30/06/2010 15:46:10 90112] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [30/06/2010 15:46:10 14976] S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [30/06/2010 15:46:10 121856] S3 vaxscsi;vaxscsi;C:\WINDOWS\system32\drivers\vaxscsi.sys [19/09/2006 16:43:41 223128] S3 XDva032;XDva032;\??\C:\WINDOWS\system32\XDva032.sys --> C:\WINDOWS\system32\XDva032.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-01-24 10:30:22 451872 ----a-w- C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe . Contenu du dossier 'Tâches planifiées' 2010-11-06 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 21:34:46 . 2010-03-06 21:31:10] 2010-11-11 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-23 11:06:15 . 2010-05-23 11:05:31] 2010-11-11 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-23 11:06:15 . 2010-05-23 11:05:31] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Tout télécharger avec BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm IE: Télécharger avec BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm IE: Télécharger toutes les vidéos avec BitComet - C:\Program Files\BitComet\BitComet.exe/AddVideo.htm DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab DPF: Yahoo! Chess - hxxp://origin.games.yahoo.net/games/clients/y/ct5_x.cab FF - ProfilePath - C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\jsgxhtqm.default\ FF - prefs.js: browser.search.selectedEngine - Wikipédia (fr) FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr FF - prefs.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= FF - plugin: C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll FF - plugin: C:\Program Files\adslTV\npvlc.dll FF - plugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll FF - plugin: C:\Program Files\Opera\program\plugins\np_gp.dll FF - plugin: C:\Program Files\Opera\program\plugins\np_gp.dll FF - plugin: C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll FF - plugin: C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll FF - plugin: C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll FF - plugin: L:\Program Files\Adobe Reader 8.1.2\Reader\browser\nppdf32.dll ---- PARAMETRES FIREFOX ---- FF - user.js: keyword.URL - hxxp://redirecterror.sfr.fr/?q= C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true); C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . . ------- Associations de fichier ------- . .reg=exefile . - - - - ORPHELINS SUPPRIMES - - - - HKCU-Run-ProxyFirewall - C:\Program Files\ProxyFirewall\ProxyFirewall.exe HKLM-Run-NPSStartup - (no file) MSConfigStartUp-Adobe Photo Downloader - C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe MSConfigStartUp-avast! - C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe MSConfigStartUp-Cmaudio - cmicnfg.cpl MSConfigStartUp-EA Core - C:\Program Files\Electronic Arts\EADM\Core.exe MSConfigStartUp-ford obj proxy pop - C:\Documents and Settings\All Users\Application Data\live frag ford obj\Eggseach.exe MSConfigStartUp-HAHAHA - c:\windows\picture.exe MSConfigStartUp-LogMeIn Hamachi Ui - L:\Program Files\LogMeInHamachi\hamachi-2-ui.exe MSConfigStartUp-noun user - C:\DOCUME~1\Admin\APPLIC~1\BLAHCA~1\MpegOne.exe MSConfigStartUp-startAPI - c:\windows\picture.exe MSConfigStartUp-VPSKEYS - C:\Program Files\Vpskeys\VPSKEYS.EXE MSConfigStartUp-ZoneAlarm Client - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe AddRemove-adsl TV - C:\Program Files\adslTV\Uninstal.exe AddRemove-Age of Empires 2.0 - L:\GTA SAN ANDREAS\UNINSTAL.EXE AddRemove-EADM - C:\Program Files\Electronic Arts\EADM\Uninstall.exe AddRemove-HijackThis - C:\Documents and Settings\Admin\Mes documents\Téléchargements\HijackThis.exe AddRemove-Macro Express 3 - C:\PROGRA~1\MACROE~1\UNWISE.EXE AddRemove-MKV Minimum Set (LD-Anime) - MatroskaSplitter & VSFilter_is1 - C:\Program Files\LD-Anime\unins000.exe AddRemove-Ragnarok Online - C:\WINDOWS\IFinst27.exe AddRemove-Ragnarok Sakray - C:\WINDOWS\IFinst27.exe AddRemove-Slayers Online_is1 - L:\Slayers Online\unins000.exe AddRemove-SubtitleWorkshop - C:\Program Files\URUSoft\Subtitle Workshop\uninstall.exe AddRemove-Super macro - C:\Program Files\Super macro\uninst.exe AddRemove-SUPER © - C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe AddRemove-WAMP5_is1 - L:\wamp\unins000.exe AddRemove-XileROPatch - L:\Program Files\Gravity\Uninstal.exe
  6. Zetsuharu
    Bonjour je n'arrive pas à obtenir le rapport de combofix, après les 50 procédures du scan l'écran devient bleu et je suis obligé d'éteindre l'ordinateur...
  7. Zetsuharu
    Et voici le rapport de Mbam : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 5089 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 10/11/2010 20:26:04 mbam-log-2010-11-10 (20-26-04).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|L:\|) Elément(s) analysé(s): 355871 Temps écoulé: 1 heure(s), 53 minute(s), 48 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 9 Fichier(s) infecté(s): 15 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\rthdbpl (Trojan.Agent) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} (Worm.Prolaco.M) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome (Worm.Prolaco.M) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content (Worm.Prolaco.M) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\chrome (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\components (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\defaults (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\defaults\preferences (PUP.OfferBox) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Program Files\GameLAN\Bin\msvcirt.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{ECF6DCF7-8B02-4C8F-AB58-7D5384CF2A4B}\RP757\A0246091.dll (Trojan.Dropper) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{ECF6DCF7-8B02-4C8F-AB58-7D5384CF2A4B}\RP757\A0246092.dll (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Mes documents\Téléchargements\Keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest (Worm.Prolaco.M) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf (Worm.Prolaco.M) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul (Worm.Prolaco.M) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\config.dat (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\config.xml (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\chrome.manifest (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\install.rdf (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\chrome\OfferBoxffx.jar (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\components\DataXPCOM.dll (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\components\DataXPCOM_TypeLib.xpt (PUP.OfferBox) -> Quarantined and deleted successfully. C:\Documents and Settings\HelpAssistant.ADMIN-ZDI7JZNC2\Application Data\OfferBox\offerboxffx@offerbox.com\defaults\preferences\offerboxffxPrefs.js (PUP.OfferBox) -> Quarantined and deleted successfully.
  8. Zetsuharu
    Alors voici les deux rapports de AD-R : ======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 09/11/10 à 22:30 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 17:37:28 le 10/11/2010, Mode normal Microsoft Windows XP Professionnel Service Pack 2 (X86) Admin@ADMIN-ZDI7JZNC2 ( ) ============== RECHERCHE ============== Fichier trouvé: C:\WINDOWS\pack.epk Dossier trouvé: C:\Documents and Settings\Admin\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\conduit Fichier trouvé: C:\Documents and Settings\Admin\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\searchplugins\conduit.xml Dossier trouvé: C:\Documents and Settings\HelpAssistant\Application Data\Dealio Dossier trouvé: C:\Documents and Settings\Admin\Application Data\freeTVRadio Dossier trouvé: C:\Documents and Settings\Admin\Application Data\Search Settings Dossier trouvé: C:\Documents and Settings\HelpAssistant\Application Data\Search Settings Dossier trouvé: C:\Program Files\Search Settings Dossier trouvé: C:\Documents and Settings\Admin\Application Data\OfferBox Fichier trouvé: C:\WINDOWS\system32\umryadce_nav.dat Fichier trouvé: C:\WINDOWS\system32\umryadce.dat Fichier trouvé: C:\WINDOWS\system32\umryadce_navps.dat -- Fichier ouvert: C:\Documents and Settings\Admin\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\Prefs.js -- Ligne trouvée: user_pref("CT1060933.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Ligne trouvée: user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106... Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&Sea... -- Fichier Fermé -- Clé trouvée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Clé trouvée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} Clé trouvée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} Clé trouvée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\umryadce Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO Clé trouvée: HKLM\Software\Classes\SearchSettings.BHO.1 Clé trouvée: HKLM\Software\Conduit Clé trouvée: HKLM\Software\iAvatars.com Clé trouvée: HKLM\Software\Search Settings Clé trouvée: HKCU\Software\OfferBox Clé trouvée: HKCU\Software\Conduit Clé trouvée: HKCU\Software\Search Settings Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Dealio Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\freeTVRadio Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\MessengerSkinner Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Zango Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\OfferBox Clé trouvée: HKLM\Software\Classes\Installer\Products\79CAA1B036589D14EA74856E2A220F1E Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\79CAA1B036589D14EA74856E2A220F1E Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83FA27D5-25B5-4D24-B796-DF742F08A5CF} Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} Clé trouvée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\62119EF862C6B3A0D853419B87EB3E2F6C78640A Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.12 (fr)] ** -- C:\Documents and Settings\Admin\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\User.js -- keyword.URL, hxxp://redirecterror.sfr.fr/?q= -- C:\Documents and Settings\Admin\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\Prefs.js -- browser.download.dir, C:\\Documents and Settings\\Admin\\Bureau browser.download.lastDir, C:\\Documents and Settings\\Admin\\Bureau browser.search.defaultenginename, Google browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms} browser.search.selectedEngine, Wikipédia (fr) browser.startup.homepage, hxxp://www.google.fr browser.startup.homepage_override.mstone, rv:1.9.2.12 keyword.URL, hxxp://redirecterror.sfr.fr/?q= -- C:\Documents and Settings\HelpAssistant\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\Prefs.js -- browser.download.dir, C:\\Documents and Settings\\Admin\\Bureau browser.download.lastDir, C:\\Documents and Settings\\Admin\\Bureau browser.search.defaultenginename, Google browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= browser.search.selectedEngine, DAEMON Search browser.startup.homepage, hxxp://www.google.fr browser.startup.homepage_override.mstone, rv:1.9.1.8 keyword.URL, hxxp://search.sweetim.com/search.asp?src=2&q= ======================================== ** Internet Explorer Version [6.0.2900.2180] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://g.msn.fr/0SEFRFR/SAOS02 Search Page: hxxp://home.microsoft.com/access/allinone.asp Show_ToolBar: yes Start Page: hxxp://search.bearshare.com/fr/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 10/11/2010 (5178 Octet(s)) Fin à: 17:39:06, 10/11/2010 ============== E.O.F ============== ======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 09/11/10 à 22:30 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:05:19 le 10/11/2010, Mode normal Microsoft Windows XP Professionnel Service Pack 2 (X86) Admin@ADMIN-ZDI7JZNC2 ( ) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [3.6.12 (fr)] ** -- C:\Documents and Settings\Admin\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\User.js -- keyword.URL, hxxp://redirecterror.sfr.fr/?q= -- C:\Documents and Settings\Admin\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\Prefs.js -- browser.download.dir, C:\\Documents and Settings\\Admin\\Bureau browser.download.lastDir, C:\\Documents and Settings\\Admin\\Bureau browser.search.defaultenginename, Google browser.search.selectedEngine, Wikipédia (fr) browser.startup.homepage, hxxp://www.google.fr browser.startup.homepage_override.mstone, rv:1.9.2.12 keyword.URL, hxxp://redirecterror.sfr.fr/?q= -- C:\Documents and Settings\HelpAssistant\Application Data\Mozilla\FireFox\Profiles\jsgxhtqm.default\Prefs.js -- browser.download.dir, C:\\Documents and Settings\\Admin\\Bureau browser.download.lastDir, C:\\Documents and Settings\\Admin\\Bureau browser.search.defaultenginename, Google browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= browser.search.selectedEngine, DAEMON Search browser.startup.homepage, hxxp://www.google.fr browser.startup.homepage_override.mstone, rv:1.9.1.8 keyword.URL, hxxp://search.sweetim.com/search.asp?src=2&q= ======================================== ** Internet Explorer Version [6.0.2900.2180] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: no [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 14 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 10/11/2010 (741 Octet(s)) C:\Ad-Report-SCAN[1].txt - 10/11/2010 (3144 Octet(s)) Fin à: 18:07:17, 10/11/2010 ============== E.O.F ==============
  9. Zetsuharu
    Bonjour, j'ai remarqué il y a quelques temps que quand j'éteins mon PC, une page firefox 404 Not Found s'ouvre avant que le PC ne s'éteigne. J'ai donc rallumé l'ordinateur pour vérifier les historiques de firefox et je vois que chaque jour il y a les sites http://infomoneyservice.com/1/blank.php http://infomoneyservice.com/2/blank.php et http://infomoneyservice.com/4/blank.php en début d'historique. Mon ordinateur n'a pas l'air d'avoir de problème particulier mais vaut mieux être prudent. Voici mon rapport hijack : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:38:46, on 10/11/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\WINDOWS\SYSTEM32\GEARSEC.EXE C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\SFR\Kit\WiFi\9wifi.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\SFR\Kit\9props.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Admin\Mes documents\Téléchargements\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) F2 - REG:system.ini: Shell=explorer.exe, O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file) O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [Autoconfigurateur WiFi SFR] "C:\Program Files\SFR\Kit\WiFi\9wifi.exe" O4 - HKCU\..\Run: [ProxyFirewall] C:\Program Files\ProxyFirewall\ProxyFirewall.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon O4 - HKLM\..\Policies\Explorer\Run: [RTHDBPL] C:\Documents and Settings\Admin\Application Data\SystemProc\lsass.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: Yahoo! Chess - http://origin.games.yahoo.net/games/clients/y/ct5_x.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - Unknown owner - L:\Program Files\LogMeInHamachi\hamachi-2.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: wampapache - Unknown owner - L:\wamp\apache2\bin\httpd.exe (file missing) O23 - Service: wampmysqld - Unknown owner - L:\wamp\mysql\bin\mysqld-nt.exe (file missing) -- End of file - 11010 bytes Voila merci.
×
×
  • Créer...