Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Pubs intempestives [RESOLU]

Fanny33

Par Fanny33
dans Analyses et éradication malwares

 Partager

Messages recommandés

Fanny33 Junior Member

Fanny33

Posté(e)
Posté(e) (modifié)

Bonsoir,

Comme beaucoup j'ai des problèmes de publicités intempestives dès mon ouverture de Firefox.

J'ai effectué toutes les opérations de pré-nettoyage.

Je poste donc le rapport Hijackthis.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:48:16, on 23/11/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\sony\ISB Utility\ISBMgr.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\sony\Network Utility\LANUtil.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Fanny\AppData\Local\ogophpqx.exe

C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Program Files\Rex\RexDaemon\RexDaemon.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\conime.exe

C:\Program Files\HijackThis\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navcli...YS_frFR334FR335

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://wpad.insa-toulouse.fr/wpad.dat

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOn.dll

O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\3.1.0.1520\CPAIEAddOn.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1800\wso.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [internet Today Task] "C:\Program Files\Internet Today\1.1.0.1090\InternetToday.exe"

O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ogophpqx] "c:\users\fanny\appdata\local\ogophpqx.exe" ogophpqx

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Service Rex.lnk = C:\Program Files\Rex\RexDaemon\RexDaemon.exe

O4 - Global Startup: McAfee Security Scan.lnk = ?

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{A6FEB6AB-23A4-4AA3-B8C5-8C9A82E1C485}: NameServer = 195.83.9.11,195.83.9.12

O18 - Protocol: skype4com - (no CLSID) - (no file)

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe

O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe

O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe

O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe

O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe

O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe

O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 10897 bytes

 

 

 

 

En attente de votre aide, un grand merci d'avance.

Fanny.

Modifié par Fanny33

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

Salut et bienvenue sur le forum :P

 

Quelques liens pour t'aider à commencer :

 

On va voir ensemble ce qui se passe sur ton PC ; comme tous les intervenants ici, nous aidons bénévolement en fonction de nos activités personnelles. On va essayer d'aller au plus vite, mais il faudra peut-être parfois être patient pour attendre une réponse, pas d'affolement :P

 

Pour répondre ou ajouter un post, un rapport, etc, utilise le bouton t_reply.gif. :P

(bouton qui se trouve entre "Flash" et "Nouveau")

 

*********

 

Pour te débarrasser de ces pubs en quelques secondes >>

 

Particularités si vous avez Windows Vista:

 

1) Désactivez l'UAC durant toute l'utilisation de Navilog1

2) Toujours lancer Navilog1 via clic-droit "exécuter en tant qu'administrateur"

 

******

 

Télécharge Navilog1(par IL-MAFIOSO) sur ton bureau

 

  • Ensuite double clique sur navilog1.exe pour lancer l'installation.
  • Une fois l'installation terminée, double-clique sur le raccourci Navilog1 présent sur le bureau.
     
  • Laisse-toi guider. Appuie sur une touche quand on te le demande.
  • Au menu principal, choisis 1 et valide.
     
    < Ne fais pas le choix 2 >
     
  • Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
  • Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.
     
  • Patiente jusqu'au message "Scan terminé le......"
  • Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
  • Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.
     
  • PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt

Fanny33 Junior Member

Fanny33

Posté(e)
  • Auteur
Posté(e)

Voilà le nouveau rapport :

 

 

Fix Navipromo version 4.0.5 commencé le 23/11/2009 21:12:19,33

 

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!

!!! Postez ce rapport sur le forum pour le faire analyser !!!

 

Outil exécuté depuis C:\Program Files\navilog1

 

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

 

Microsoft® Windows Vista Édition Familiale Premium ( v6.0.6002 ) Service Pack 2

X86-based PC ( Multiprocessor Free : Intel® Pentium® Dual CPU T3400 @ 2.16GHz )

BIOS : BIOS Date: 05/09/08 11:12:06 Ver: 08.00.10

USER : Fanny ( Administrator )

BOOT : Normal boot

 

 

 

 

C:\ (Local Disk) - NTFS - Total:288 Go (Free:65 Go)

D:\ (USB) - FAT - Total:982 Mo (Free:0 Go)

E:\ (USB)

F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

 

 

Recherche executée en mode normal

 

Nettoyage exécuté au redémarrage de l'ordinateur

 

 

C:\Windows\prefetch\ogophpqx*.pf supprimé !

C:\Users\Fanny\AppData\Local\ogophpqx.exe supprimé !

C:\Users\Fanny\AppData\Local\ogophpqx.dat supprimé !

C:\Users\Fanny\AppData\Local\ogophpqx_nav.dat supprimé !

C:\Users\Fanny\AppData\Local\ogophpqx_navps.dat supprimé !

 

 

Nettoyage contenu C:\Windows\Temp effectué !

Nettoyage contenu C:\Users\Fanny\AppData\Local\Temp effectué !

 

 

*** Sauvegarde du Registre vers dossier Safebackup ***

 

sauvegarde du Registre réalisée avec succès !

 

*** Nettoyage Registre ***

 

Nettoyage Registre Ok

 

 

 

 

*** Scan terminé 23/11/2009 21:16:17,33 ***

 

 

 

 

 

Merci beaucoup pour cette aide aussi rapide apportée à des novices comme moi!

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

De rien! Tu me confirmera, mais normalement tu ne dois plus voir ces pubs intempestives s'afficher lors de tes surfs :P

 

On va en profiter pour faire un petit scan supplémentaire avec un programme que tu vas pouvoir conserver: si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour >>

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen complêt"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.
    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

 

Ca permettra de voir si rien ne nous échappe.

Fanny33 Junior Member

Fanny33

Posté(e)
  • Auteur
Posté(e)

En effet, je n'ai plus de publicités! Enfin! Merci énormément!

Autre rapport :

 

 

 

Malwarebytes' Anti-Malware 1.41

Version de la base de données: 3219

Windows 6.0.6002 Service Pack 2

 

23/11/2009 22:46:13

mbam-log-2009-11-23 (22-46-13).txt

 

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|)

Eléments examinés: 241791

Temps écoulé: 1 hour(s), 3 minute(s), 28 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 6

Clé(s) du Registre infectée(s): 20

Valeur(s) du Registre infectée(s): 1

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 23

Fichier(s) infecté(s): 61

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

C:\Program Files\Web Search Operator\3.1.0.1800\WSOCommon.dll (Adware.Agent) -> Delete on reboot.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Delete on reboot.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\ACECommon.dll (Adware.Agent) -> Delete on reboot.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Delete on reboot.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\CPACommon.dll (Adware.Agent) -> Delete on reboot.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Delete on reboot.

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{565dd573-549e-4da9-8cd7-6ae3df25339a} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet today task (Adware.Agent) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

C:\Program Files\Internet Today\1.1.0.1090 (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800 (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\Data (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\components (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050 (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\Data (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520 (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\Data (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\components (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Quarantined and deleted successfully.

 

Fichier(s) infecté(s):

C:\Program Files\Customized Platform Advancer\3.1.0.1520\CPAIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\WSO.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Users\Fanny\Downloads\installecrocpopup(2).exe (Adware.EShoper) -> Quarantined and deleted successfully.

C:\Users\Fanny\Downloads\installecrocpopup.exe (Adware.EShoper) -> Quarantined and deleted successfully.

C:\Users\Fanny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\InternetToday.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\Microsoft.VC80.CRT.manifest (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\msvcr80.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\PixelLogExe.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Internet Today\1.1.0.1090\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\WSOCommon.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\wsopx.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\WSOAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\content\WSOAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\chrome\content\WSOAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Web Search Operator\3.1.0.1800\FF\components\WSOFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\ACECommon.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\ACEIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\acepx.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Automated Content Enhancer\4.1.0.5050\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\CPAHelper.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\CPAIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\CPAIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\cpapx.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Customized Platform Advancer\3.1.0.1520\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

Très bien! on a bien fait de passer MBAM!

 

On va finir comme ceci >>

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit

Fanny33 Junior Member

Fanny33

Posté(e)
  • Auteur
Posté(e)

Log.txt

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Fanny at 2009-11-23 23:05:33

Microsoft® Windows Vista Édition Familiale Premium Service Pack 2

System drive C: has 67 GB (23%) free of 295 GB

Total RAM: 3038 MB (54% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:05:43, on 23/11/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\sony\ISB Utility\ISBMgr.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\sony\Marketing Tools\MarketingTools.exe

C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\sony\Network Utility\LANUtil.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Program Files\Rex\RexDaemon\RexDaemon.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Windows\system32\conime.exe

C:\Program Files\Cisco Systems\VPN Client\vpngui.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\McAfee Security Scan\1.0.150\McUICnt.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Fanny\Downloads\RSIT.exe

C:\Program Files\HijackThis\Fanny.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navcli...YS_frFR334FR335

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://wpad.insa-toulouse.fr/wpad.dat

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Service Rex.lnk = C:\Program Files\Rex\RexDaemon\RexDaemon.exe

O4 - Global Startup: McAfee Security Scan.lnk = ?

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{111A417F-10A3-4C43-92E7-3B558B82C292}: Domain = insa-toulouse.fr

O17 - HKLM\System\CCS\Services\Tcpip\..\{111A417F-10A3-4C43-92E7-3B558B82C292}: NameServer = 195.83.9.11,195.83.9.12

O17 - HKLM\System\CCS\Services\Tcpip\..\{A6FEB6AB-23A4-4AA3-B8C5-8C9A82E1C485}: NameServer = 195.83.9.11,195.83.9.12

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = insa-toulouse.fr

O17 - HKLM\System\CS1\Services\Tcpip\..\{111A417F-10A3-4C43-92E7-3B558B82C292}: Domain = insa-toulouse.fr

O17 - HKLM\System\CS1\Services\Tcpip\..\{111A417F-10A3-4C43-92E7-3B558B82C292}: NameServer = 195.83.9.11,195.83.9.12

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = insa-toulouse.fr

O18 - Protocol: skype4com - (no CLSID) - (no file)

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe

O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe

O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe

O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe

O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe

O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe

O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 11185 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\User_Feed_Synchronization-{993CC614-5B25-41B4-B820-E2D485B41097}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-06 6703648]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-10 835584]

"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2008-12-18 317288]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-22 30192]

"MarketingTools"=C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [2009-03-30 26112]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-20 177472]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NSUFloatingUI"=C:\Program Files\Sony\Network Utility\LANUtil.exe [2008-12-21 274432]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

VPN Client.lnk - C:\Windows\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico

 

C:\Users\Fanny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Service Rex.lnk - C:\Program Files\Rex\RexDaemon\RexDaemon.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

igfxdev.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]

C:\Windows\system32\VESWinlogon.dll [2009-01-19 98304]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d9b5ccc-cabc-11de-ae5e-001dbaea6865}]

shell\AutoRun\command - H:\LaunchU3.exe -a

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fbe168f-6d12-11de-891a-001dbaea6865}]

shell\AutoRun\command - G:\LaunchU3.exe -a

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b60df49a-8c96-11de-8a7d-001dbaea6865}]

shell\AutoRun\command - H:\LaunchU3.exe -a

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec8d90a4-68bf-11de-a230-806e6f6e6963}]

shell\AutoRun\command - F:\Autorun.exe

 

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2009-11-23 23:05:33 ----D---- C:\rsit

2009-11-23 21:40:25 ----D---- C:\Users\Fanny\AppData\Roaming\Malwarebytes

2009-11-23 21:40:18 ----D---- C:\ProgramData\Malwarebytes

2009-11-23 21:40:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-11-23 21:12:19 ----A---- C:\cleannavi.txt

2009-11-23 21:12:00 ----D---- C:\Program Files\Navilog1

2009-11-23 20:41:37 ----D---- C:\Program Files\HijackThis

2009-11-23 19:37:39 ----A---- C:\Windows\ntbtlog.txt

2009-11-20 22:00:14 ----D---- C:\ProgramData\McAfee Security Scan

2009-11-20 22:00:14 ----D---- C:\Program Files\McAfee Security Scan

2009-11-18 11:42:31 ----D---- C:\Program Files\Windows Portable Devices

2009-11-18 11:35:35 ----A---- C:\Windows\system32\UIAnimation.dll

2009-11-18 11:35:34 ----A---- C:\Windows\system32\UIRibbonRes.dll

2009-11-18 11:35:33 ----A---- C:\Windows\system32\UIRibbon.dll

2009-11-18 11:35:03 ----A---- C:\Windows\system32\WMPhoto.dll

2009-11-18 11:35:02 ----A---- C:\Windows\system32\cdd.dll

2009-11-18 11:35:01 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2009-11-18 11:35:01 ----A---- C:\Windows\system32\d3d10warp.dll

2009-11-18 11:35:00 ----A---- C:\Windows\system32\XpsRasterService.dll

2009-11-18 11:35:00 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2009-11-18 11:35:00 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2009-11-18 11:35:00 ----A---- C:\Windows\system32\WindowsCodecs.dll

2009-11-18 11:35:00 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2009-11-18 11:35:00 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2009-11-18 11:35:00 ----A---- C:\Windows\system32\dxdiagn.dll

2009-11-18 11:35:00 ----A---- C:\Windows\system32\dxdiag.exe

2009-11-18 11:35:00 ----A---- C:\Windows\system32\d2d1.dll

2009-11-18 11:34:59 ----A---- C:\Windows\system32\xpsservices.dll

2009-11-18 11:34:59 ----A---- C:\Windows\system32\XpsPrint.dll

2009-11-18 11:34:59 ----A---- C:\Windows\system32\OpcServices.dll

2009-11-18 11:34:59 ----A---- C:\Windows\system32\FntCache.dll

2009-11-18 11:34:59 ----A---- C:\Windows\system32\DWrite.dll

2009-11-18 11:34:58 ----A---- C:\Windows\system32\dxgi.dll

2009-11-18 11:34:58 ----A---- C:\Windows\system32\d3d11.dll

2009-11-18 11:34:58 ----A---- C:\Windows\system32\d3d10level9.dll

2009-11-18 11:34:58 ----A---- C:\Windows\system32\d3d10core.dll

2009-11-18 11:34:58 ----A---- C:\Windows\system32\d3d10_1core.dll

2009-11-18 11:34:58 ----A---- C:\Windows\system32\d3d10_1.dll

2009-11-18 11:34:58 ----A---- C:\Windows\system32\d3d10.dll

2009-11-18 11:32:46 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2009-11-18 11:32:46 ----A---- C:\Windows\system32\wpdbusenum.dll

2009-11-18 11:32:46 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2009-11-18 11:32:25 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2009-11-18 11:32:18 ----A---- C:\Windows\system32\wpdshext.dll

2009-11-18 11:32:18 ----A---- C:\Windows\system32\WpdMtpUS.dll

2009-11-18 11:32:18 ----A---- C:\Windows\system32\WpdConns.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\WPDSp.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\WpdMtp.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\wpd_ci.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2009-11-18 11:32:17 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2009-11-18 11:28:12 ----A---- C:\Windows\system32\oleaccrc.dll

2009-11-18 11:28:09 ----A---- C:\Windows\system32\oleacc.dll

2009-11-18 11:28:08 ----A---- C:\Windows\system32\UIAutomationCore.dll

2009-11-17 17:48:03 ----A---- C:\Windows\system32\lsdelete.exe

2009-11-16 23:03:43 ----HDC---- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

2009-11-16 23:03:15 ----D---- C:\ProgramData\Lavasoft

2009-11-16 23:03:15 ----D---- C:\Program Files\Lavasoft

2009-11-16 22:19:19 ----D---- C:\ProgramData\Spybot - Search & Destroy

2009-11-16 22:19:19 ----D---- C:\Program Files\Spybot - Search & Destroy

2009-11-13 21:28:05 ----A---- C:\Windows\system32\mshtml.dll

2009-11-13 21:26:21 ----A---- C:\Windows\system32\WSDApi.dll

2009-11-13 15:45:03 ----D---- C:\Program Files\Gameztar Toolbar

2009-11-12 18:12:23 ----D---- C:\ProgramData\Roxio

2009-11-12 18:12:22 ----D---- C:\Users\Fanny\AppData\Roaming\Roxio

2009-11-01 15:50:22 ----D---- C:\Program Files\Common Files\DivX Shared

2009-11-01 15:50:19 ----D---- C:\Program Files\DivX

2009-10-29 11:40:48 ----A---- C:\Windows\system32\wups2.dll

2009-10-29 11:40:47 ----A---- C:\Windows\system32\wucltux.dll

2009-10-29 11:40:47 ----A---- C:\Windows\system32\wuauclt.exe

2009-10-29 11:40:46 ----A---- C:\Windows\system32\wuaueng.dll

2009-10-29 11:40:32 ----A---- C:\Windows\system32\wups.dll

2009-10-29 11:40:31 ----A---- C:\Windows\system32\wudriver.dll

2009-10-29 11:40:31 ----A---- C:\Windows\system32\wuapi.dll

2009-10-29 11:40:18 ----A---- C:\Windows\system32\wuwebv.dll

2009-10-29 11:40:18 ----A---- C:\Windows\system32\wuapp.exe

2009-10-28 11:39:06 ----A---- C:\Windows\system32\wmp.dll

2009-10-28 11:39:03 ----A---- C:\Windows\system32\unregmp2.exe

2009-10-28 11:39:01 ----A---- C:\Windows\system32\wmploc.DLL

 

======List of files/folders modified in the last 1 months======

 

2009-11-23 23:05:42 ----D---- C:\Windows\Temp

2009-11-23 22:55:10 ----D---- C:\Windows\System32

2009-11-23 22:55:10 ----D---- C:\Windows\inf

2009-11-23 22:55:10 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-11-23 22:48:41 ----D---- C:\Windows\Tasks

2009-11-23 22:46:13 ----D---- C:\Program Files

2009-11-23 21:40:19 ----D---- C:\Windows\system32\drivers

2009-11-23 21:40:18 ----D---- C:\ProgramData

2009-11-23 21:21:41 ----HD---- C:\Windows\system32\GroupPolicy

2009-11-23 21:18:41 ----D---- C:\Program Files\Mozilla Firefox

2009-11-23 21:16:19 ----D---- C:\Windows\Prefetch

2009-11-23 20:39:11 ----D---- C:\Windows

2009-11-23 19:23:57 ----D---- C:\Users\Fanny\AppData\Roaming\Skype

2009-11-23 19:15:21 ----SHD---- C:\System Volume Information

2009-11-23 19:14:58 ----SHD---- C:\Windows\Installer

2009-11-23 19:14:58 ----D---- C:\Windows\winsxs

2009-11-23 17:12:33 ----D---- C:\Windows\system32\catroot

2009-11-23 17:08:40 ----D---- C:\Users\Fanny\AppData\Roaming\vlc

2009-11-23 16:03:12 ----D---- C:\Users\Fanny\AppData\Roaming\skypePM

2009-11-23 10:15:06 ----D---- C:\Program Files\Google

2009-11-22 22:31:27 ----D---- C:\ProgramData\Google

2009-11-22 22:30:21 ----D---- C:\ProgramData\eMule

2009-11-22 22:29:55 ----D---- C:\Program Files\3DBELOTE

2009-11-22 22:00:14 ----D---- C:\ProgramData\McAfee

2009-11-22 21:17:32 ----SD---- C:\Windows\Downloaded Program Files

2009-11-22 14:03:34 ----D---- C:\Users\Fanny\AppData\Roaming\dvdcss

2009-11-18 21:39:29 ----D---- C:\Windows\rescache

2009-11-18 21:22:27 ----D---- C:\Windows\system32\Tasks

2009-11-18 11:42:32 ----D---- C:\Windows\system32\fr-FR

2009-11-18 11:42:31 ----D---- C:\Windows\system32\wbem

2009-11-18 11:42:29 ----D---- C:\Windows\system32\zh-TW

2009-11-18 11:42:29 ----D---- C:\Windows\system32\zh-HK

2009-11-18 11:42:29 ----D---- C:\Windows\system32\zh-CN

2009-11-18 11:42:29 ----D---- C:\Windows\system32\uk-UA

2009-11-18 11:42:29 ----D---- C:\Windows\system32\tr-TR

2009-11-18 11:42:29 ----D---- C:\Windows\system32\th-TH

2009-11-18 11:42:29 ----D---- C:\Windows\system32\sv-SE

2009-11-18 11:42:29 ----D---- C:\Windows\system32\sr-Latn-CS

2009-11-18 11:42:29 ----D---- C:\Windows\system32\sl-SI

2009-11-18 11:42:29 ----D---- C:\Windows\system32\sk-SK

2009-11-18 11:42:29 ----D---- C:\Windows\system32\ru-RU

2009-11-18 11:42:29 ----D---- C:\Windows\system32\ro-RO

2009-11-18 11:42:29 ----D---- C:\Windows\system32\pt-PT

2009-11-18 11:42:29 ----D---- C:\Windows\system32\pt-BR

2009-11-18 11:42:29 ----D---- C:\Windows\system32\pl-PL

2009-11-18 11:42:29 ----D---- C:\Windows\system32\nl-NL

2009-11-18 11:42:29 ----D---- C:\Windows\system32\nb-NO

2009-11-18 11:42:29 ----D---- C:\Windows\system32\lv-LV

2009-11-18 11:42:29 ----D---- C:\Windows\system32\lt-LT

2009-11-18 11:42:29 ----D---- C:\Windows\system32\ko-KR

2009-11-18 11:42:29 ----D---- C:\Windows\system32\ja-JP

2009-11-18 11:42:29 ----D---- C:\Windows\system32\it-IT

2009-11-18 11:42:29 ----D---- C:\Windows\system32\hu-HU

2009-11-18 11:42:29 ----D---- C:\Windows\system32\hr-HR

2009-11-18 11:42:29 ----D---- C:\Windows\system32\he-IL

2009-11-18 11:42:29 ----D---- C:\Windows\system32\fi-FI

2009-11-18 11:42:29 ----D---- C:\Windows\system32\et-EE

2009-11-18 11:42:29 ----D---- C:\Windows\system32\es-ES

2009-11-18 11:42:29 ----D---- C:\Windows\system32\en-US

2009-11-18 11:42:29 ----D---- C:\Windows\system32\el-GR

2009-11-18 11:42:29 ----D---- C:\Windows\system32\de-DE

2009-11-18 11:42:29 ----D---- C:\Windows\system32\da-DK

2009-11-18 11:42:29 ----D---- C:\Windows\system32\cs-CZ

2009-11-18 11:42:29 ----D---- C:\Windows\system32\bg-BG

2009-11-18 11:42:29 ----D---- C:\Windows\system32\ar-SA

2009-11-18 11:35:22 ----D---- C:\Windows\system32\catroot2

2009-11-16 23:05:12 ----DC---- C:\Windows\system32\DRVSTORE

2009-11-15 02:33:21 ----D---- C:\Program Files\Windows Mail

2009-11-14 14:39:48 ----D---- C:\ProgramData\Microsoft Help

2009-11-05 18:36:21 ----A---- C:\Windows\system32\mrt.exe

2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe

2009-11-01 15:50:22 ----D---- C:\Program Files\Common Files

2009-10-29 11:44:22 ----D---- C:\Program Files\Windows Media Player

2009-10-29 11:44:22 ----D---- C:\Program Files\Internet Explorer

2009-10-29 11:34:25 ----D---- C:\Windows\system32\WDI

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-08-17 23152]

R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-08-17 114768]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-08-17 51376]

R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2008-11-24 10216]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-08-17 53328]

R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2007-04-03 306295]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-25 12672]

R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-10-23 68608]

R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2008-10-23 46592]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-25 8192]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 17920]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-10-23 937984]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-01-06 3847168]

R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]

R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-25 985600]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-25 207360]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-06 2254880]

R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2008-11-19 9344]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-10 181560]

R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-25 659968]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-05-28 310272]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-06-05 39424]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-06-07 131000]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-01-06 692224]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]

R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-24 1169232]

R2 NSUService;NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [2008-12-21 303104]

R2 uCamMonitor;CamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]

R2 VAIO Event Service;VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [2009-01-19 203624]

R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2008-12-19 415592]

R2 VCFw;VAIO Content Folder Watcher; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]

R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-01-21 192512]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-25 386560]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]

R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-01-21 313264]

S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-22 30192]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2009-01-07 114688]

S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-01-20 120104]

S3 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-01-20 70952]

S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-01-20 390440]

S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-01-20 75048]

S3 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-01-20 91432]

S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-01-21 69632]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-01-19 394536]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-01-16 83240]

 

-----------------EOF-----------------

 

 

Info.txt

 

info.txt logfile of random's system information tool 1.06 2009-11-23 23:05:46

 

======Uninstall list======

 

-->"C:\Program Files\InstallShield Installation Information\{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}\setup.exe" -runfromtemp -l0x040c -removeonly

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

-->C:\Program Files\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x040c -removeonly

-->C:\Program Files\InstallShield Installation Information\{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}\setup.exe -runfromtemp -l0x040c -removeonly

-->C:\Program Files\InstallShield Installation Information\{B2C4A8C4-AA20-425D-9FEE-C78039238C81}\setup.exe -runfromtemp -l0x040c -removeonly

-->C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x040c -removeonly

7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"

Activer Norton Online Backup-->MsiExec.exe /I{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}

Ad-Aware-->"C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE

Ad-Aware-->C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}

Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

ArcSoft Magic-i Visual Effects 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7BB90344-0647-468E-925A-7F69F7983421}\Setup.exe" -l0x40c

ArcSoft WebCam Companion 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9973498D-EA29-4A68-BE0B-C88D6E03E928}\Setup.exe" -l0x40c

Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}

avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup

Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}

Canon MP Navigator EX 1.0-->"C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini

Canon MP210 series-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series /L0x000c

Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini

Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini

Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini

Catalyst Control Center - Branding-->MsiExec.exe /I{9EAC0E21-510E-4259-A9C6-F5D5B8969036}

Cisco Systems VPN Client 5.0.00.0340-->MsiExec.exe /X{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}

Click to Disc Editor-->C:\Program Files\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe -runfromtemp -l0x040c

Click to Disc-->C:\Program Files\InstallShield Installation Information\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}\setup.exe -runfromtemp -l0x040c -removeonly

Croc Pop Up+-->C:\Program Files\crocpopup+\Uninstal.exe

DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

 

 

 

 

 

Voilà lesdeux rapports demandés.

Encore merci du temps que vous m'accordez.

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

ok c'est tout bon :P

 

Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

 

O4 - Global Startup: McAfee Security Scan.lnk = ?

O4 - Global Startup: VPN Client.lnk = ?

-Ferme tous les programmes et clique sur "Fix Checked"

 

Une petite correction dans la base de registre >>

 

Rend toi sur cette page afin de télécharger le fichier nuke.reg sur ton Bureau => http://senduit.com/da82ba

Patiente une seconde: le téléchargement va se lancer automatiquement.

 

Double-clique sur le fichier: au message qui s'affiche, clique sur OK pour faire fusionner le fichier avec le registre.

Elimine le fichier une fois l'opération effectuée.

 

Je repasse pour quelques conseils :P

Fanny33 Junior Member

Fanny33

Posté(e)
  • Auteur
Posté(e)

Bonjour,

Ca y est, j'ai effectué les dernières manipulations!

On touche au but!

 

Merci pour votre aide, et c'est vrai que je ne serais pas contre quelques conseils pour sécuriser mon ordinateur!

Merci encore.

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Tu peux désinstaller le programme navilog 4.0.5 à présent.

Supprime aussi le dossier C:\Program Files\Navilog1

 

Tu peux conserver RSIT si tu veux. Il pourrait te servir de nouveau. Sinon, supprime le fichier RSIT.exe sur le Bureau ainsi que le dossier C:\rsit

 

Tu peux conserver MBAM: Il ne protègera pas ton pc car pour bénéficier de sa fonction de protection résidente et ses mises à jour automatiques, il faudra acheter la licence. Ceci dit, il est toujours efficace pour nettoyer ton pc! il suffit juste de le mettre à jour manuellement avant tout scan

 

Le pc est protégé par Avast...Je te conseille de lire ce comparatif très intéressant de Malekal Morte afin de te faire une idée quant à l'efficacité de cet antivirus > http://forum.malekal.com/ftopic3528.php

C'est une étude indépendante et sérieuse! Je ne saurais que te conseiller de désinstaller Avast et d'installer Antivir afin de protéger ton pc au mieux.

 

Si tu décides d'installer Antivir procède ainsi >

 

-Télécharge Antivir sur le bureau, mais ne le lance pas encore!

 

- Désinstalle Avast et redémarre le pc.

 

- Installe Antivir.

 

- Mets Antivir à jour et configure le en suivant les indications du Tutoriel vidéo d'angelique

(les réglages sont identiques même si la version décrite est en anglais).

 

 

Quand tu voudras faire un scan du pc avec Antivir procède ainsi >>

 

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

 

Double-clique sur son icône près de l'horloge: cela ouvre l'interface principale.

Clique ensuite sur "Contrôler syst." à droite de "Dernier contrôle syst. intégral".

/!\\ Cela peut être long.

Tu peux sauvegarder le rapport en fin de parcours (bouton "Rapport").

 

Si Antivir détecte des fichiers infectés, mets les en quarantaine: choisis "Déplacer en quarantaine" dans la liste des actions.

Tu peux automatiser ce type d'action en cochant la case Appliquer la sélection à toutes les détections.

img-215734c8f3z.png

Cela permet de ne pas rester à la surveiller.:P

 

*********

 

 

Il faut bien garder ton système et les logiciels à jour pour éviter les vulnérabilités.

Tu peux utiliser ce programme qui aide à faire le point sur les logiciels qui ont besoin d'une mise à jour >>PSI de Secunia<<

 

JavaRa peut t'y aider pour Java : http://raproducts.org/

 

Je te conseille vivement de faire des sauvegardes régulières des données qui ont de l'importance pour toi. Lorsqu'on y pense, il est souvent trop tard! Une grosse infection ou un plantage de la machine peuvent rendre les données irrécupérables... Aussi, afin d'éviter ce gros désagrément, il faut prendre l'habitude de faire des sauvegardes régulières. Pour celà je te conseille le logiciel gratuit >>Cobian Backup 8<<

Ce tutoriel montre comment l'utiliser >> http://www.astucesinternet.com/modules/new...php?storyid=207

 

Des conseils pour sécuriser ton pc au mieux et comprendre les dangers liés à l'utilisation de l'internet dans les deux lien ci-dessous. Je t'invite à prendre le temps de bien lire tout cela, de t'informer, d'essayer... Pour trouver quels sont les softs qui te conviennent le mieux.

 

Malekal_Morte : http://www.malekal.com/

Ipl_001 : http://IPL001.free.fr/IT/IT-AM0.html

 

Windows Update parfaitement à jour (catégorie critique, Services Pack et Services Release )

- pare-feu bien paramétré- antivirus bien paramétré et mis à jour régulièrement(quotidiennement s'il le faut) avec un scan complet régulier.

- IMPORTANT :une attitude prudente vis à vis de la navigation (pas de sites douteux:cracks, warez, etc) et vis à vis de la messagerie (fichiers joints aux messages doivent être scanné avant d'être ouvert ainsi que les fichiers téléchargés dont la provenance n'est pas sûre!!)

- une attitude vigilante (être l'affût de fonctionnements inhabituels de ton système)

- nettoyage hebdomadaire du système (suppression des fichiers inutiles avec ATF cleaner, defragmentation du disque dur régulière)

- scan hebdomadaire antispyware

***

 

Pense à changer le titre et y rajouter " Résolu" stp.

Sous ton premier message, clique sur le bouton "Editer" puis "Edition complête".

Là, tu aura la possibilité d'éditer ton titre et d'y ajouter [résolu]

 

bon surf @ toi :P

A bientot sur les forums de 27yq3wj.gif sans malwares! :P

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...