olala

Members
  • Content count

    21

Everything posted by olala

  1. Hello tomtom, first, thank you for your advice and your effective help; next, http://cjoint.com/?DCqtMqzshbU; and finally, bye bye, and may life be sweet to you. olala
  2. Hello tomtom, the green links have indeed disappeared, and so has the woman losing weight. Here is the report from ST Pierre13: http://cjoint.com/?DCpiEyb6E3m As for the MBAM one, it has unfortunately disappeared, but I saw that it had found nothing after 3 hours of searching (I am sheepish). Thank you. olala
  3. Good evening tomtom, http://cjoint.com/?DCosX7XhFjc http://cjoint.com/?DCosZyz8dRr http://cjoint.com/?DCos0KoF1kV Thank you. olala
  4. Hello tomtom, and thank you for looking into my case. Here is the report: http://cjoint.com/?DComCntE6i9 Happy reading.
  5. Hello. Whatever site I visit, the vile Filesbunker pursues me, riddling the text with green links that urge me to visit it. What can I do? Can you help me chase it off my computer? Thank you, Zébulons and Zébulonnes. olala
  6. Good evening bernard53, here is the final report. And thank you, thank you, thank you. olala
  7. Good evening Bernard53, the ZHPFix report. It did not ask me anything. The intrusive ads no longer appear. olala
  8. Thank you Bernard53, and good evening. Here are the reports: the first RK, the second RK, the MBA report (CJoint.com link 3Dqu1Thfube) and the ZHP one (CJoint.com link 3DquTAe00dC). Good luck. lala
  9. Hello. I am coming back to you with the same problem: intrusive advertising tabs opening, but on another computer. I did the recommended steps but that did not solve the problem. Thank you for your help. Here is the HijackThis log.
  10. Good evening Apollo. I took a long time, but I must admit that I did not manage to get a single report (if I dare say so) from ESET, although I ran it twice. It did tell me, all the same, that it had nothing to tell me. My computer is clean and pure. Another mission accomplished, Apollo! Thank you so much. olala
  11. The latest ones? Good night. olala
  12. A new report. Happy reading. olala
  13. Here is the report. What should I do? Thank you. olala
  14. Hello Apollo, so I am reporting in. Here it is: Cijoint.fr - Service gratuit de dépôt de fichiers. Otherwise, I tried to follow all your advice. olala
  15. Hello and thank you Dylav. What an eye (of the tiger?)!
  16. good evening Apollo and thank you for answering me, and thanks also to Dylav for pulling me out of oblivion. I had understood that one should not put all the reports in the same message! I used the tools indicated on the forum (http://forum.zebulon.fr/rsolu-infection-par-freezefrog-t187525.html). I used Malwarebytes to do the cleanup. Here is the latest Malwarebytes report:

      Malwarebytes' Anti-Malware 1.51.1.1800
      www.malwarebytes.org

      Version de la base de données: 7678

      Windows 5.1.2600 Service Pack 3
      Internet Explorer 8.0.6001.18702

      08/09/2011 23:03:51
      mbam-log-2011-09-08 (23-03-51).txt

      Type d'examen: Examen complet (C:\|D:\|)
      Elément(s) analysé(s): 201231
      Temps écoulé: 36 minute(s), 10 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 1

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      c:\Backup\moi\mes documents\téléchargements\mailpv\mailpv.exe (PUP.MailPassView) -> Quarantined and deleted successfully.

      The computer looks clean. In any case, Firefox no longer opens advertising windows that refuse to close.
  17. and then the latest little one

      Results of screen317's Security Check version 0.99.18
      Windows XP Service Pack 3
      Internet Explorer 8
      ``````````````````````````````
      Antivirus/Firewall Check:

      avast! Free Antivirus
      ESET Online Scanner v3
      ```````````````````````````````
      Anti-malware/Other Utilities Check:

      Adobe Flash Player 10.3.181.26
      Mozilla Firefox (x86 fr..)
      Mozilla Thunderbird (3.1.11) Thunderbird Out of Date!
      ````````````````````````````````
      Process Check:
      objlist.exe by Laurent

      AVAST Software Avast AvastSvc.exe
      AVAST Software Avast avastUI.exe
      ``````````End of Log````````````

      thank you for reading
      olala
  18. hello again, the "Extras" report; but so many lines...
  19. hello again, here is the OTL report
000,002,060 | ---- | M] () -- C:\MOD01SET0J00P2000X.enc [2008/09/11 11:27:43 | 000,002,488 | ---- | M] () -- C:\MOD01WOS02FRP20001.enc [2009/08/01 23:30:27 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008/04/14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/04/14 14:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/09/08 08:39:17 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys [2011/09/08 10:47:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/06/21 13:33:36 | 000,002,139 | ---- | M] () -- C:\RHDSetup.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [14 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2009/08/02 01:23:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2009/08/02 01:23:46 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2009/08/02 01:23:45 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2011/07/15 15:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys [2011/07/08 16:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndistapi.sys [2011/06/24 16:10:47 | 000,139,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-06 21:42:59 < End of report > quel pavé ! bon courage olala
  20. Hello Zébulon (?) My computer is infected, so I signed up on the site to ask you to help me. I read that scans had to be run, and I ran them. The scan results:
      C:\Backup\moi\Mes documents\Téléchargements\Miro_Installer.exe Win32/Toolbar.Zugo application
      C:\Documents and Settings\moi\Local Settings\Temp\Extract.bat Win32/Autoit.NJG cheval de troie
      C:\Documents and Settings\moi\Local Settings\Temp\freezefrogsa.exe menaces multiples
      C:\Documents and Settings\moi\Local Settings\Temp\FREEzeFrogUpgrade.exe menaces multiples
      C:\Documents and Settings\moi\Local Settings\Temp\user.js Win32/Autoit.NJG cheval de troie
      C:\Documents and Settings\moi\Local Settings\Temp\vlc_win32.exe Win32/Autoit.NJG cheval de troie
      C:\Documents and Settings\moi\Local Settings\Temp\nsy16.tmp\Install.dll une variante de Win32/Adware.HotBar.E application
      C:\Documents and Settings\moi\Local Settings\Temp\~nsu.tmp\Au_.exe une variante de Win32/Adware.HotBar.E application
      C:\Documents and Settings\moi\Local Settings\Temporary Internet Files\Content.IE5\8PIR4PAB\software[1].htm HTML/ScrInject.B.Gen virus
      C:\Documents and Settings\moi\Mes documents\Téléchargements\VLCSetup.exe une variante de Win32/Adware.HotBar.H application
      Thanks in advance to whoever is kind enough to reply. olala