|
|
| Author | Message |
|---|
thierry68 Bibou


   Age: 31 Joined: 01 Mar 2008 Posts: 21 Location: 68100 Mood: always improving!
 | Subject: problem with IE Sun 6 Jul - 15:32 | |
| Hello, I have a problem with IE: I can no longer open IE or any other connection to an address from within an email!!! An "application not found" message appears every time. What is going on and how can I fix it? Thanks in advance... |
|
 | |
K1ks Moderators


   Age: 21 Joined: 11 Dec 2007 Posts: 2421 Location: ...
 | Subject: Re: problem with IE Sun 6 Jul - 15:38 | |
| | thierry68 wrote: | here is my HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:34:32, on 06/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
E:\Programmes files 02\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
E:\Programmes files 02\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - C:\WINDOWS\system32\nsd28.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {BCA95E31-1FBF-4F84-8F23-1BA653007A1E} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ItsTV] "E:\Programmes files 02\eoRezo\EoDesk3d\ItsTV.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SaitekInstall] "F:\WinXP\Setup.exe" -S0 -R
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MediaDICO36] E:\Programmes files 02\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [RegistryCleanFixMFC] C:\Program Files\RegistryCleanFix2008\RegistryCleaner2008.exe
O4 - HKCU\..\Run: [Windows] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\SRVSPOOL.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Raconfig.lnk = C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Thierry
O17 - HKLM\Software\..\Telephony: DomainName = Thierry
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Thierry
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Thierry
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Thierry
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
-- End of file - 13371 bytes |

 |
|
 | |
K1ks Moderators


   Age: 21 Joined: 11 Dec 2007 Posts: 2421 Location: ...
 | Subject: Re: problem with IE Sun 6 Jul - 15:46 | |
| Hi thierry68, according to your HijackThis report, you are well and truly infected!! We'll find out more with this:
Download Deckard System Scanner >>> Link and tutorial here <<<
# Follow the instructions and post the resulting report in your next message.

 |
|
 | |
thierry68 Bibou


   Age: 31 Joined: 01 Mar 2008 Posts: 21 Location: 68100 Mood: always improving!
 | Subject: deckard report page01 Sun 6 Jul - 16:08 | |
| Deckard's System Scanner v20071014.68
Run by User on 2008-07-06 16:52:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
26: 2008-07-06 14:52:30 UTC - RP137 - Deckard's System Scanner Restore Point
25: 2008-07-06 14:49:38 UTC - RP136 - Spyware Doctor: Cleaning Threats
24: 2008-07-02 17:30:29 UTC - RP135 - Windows Internet Explorer 7 installé.
23: 2008-07-02 17:30:20 UTC - RP134 - Installed Windows IDNMitigationAPIs.
22: 2008-07-02 17:29:54 UTC - RP133 - Installed Windows NLSDownlevelMapping.
-- First Restore Point --
1: 2008-04-03 13:21:01 UTC - RP112 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as User.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:33, on 06/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
E:\Programmes files 02\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
E:\Programmes files 02\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
E:\Programme non executer\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\User.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - C:\WINDOWS\system32\nsd28.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {BCA95E31-1FBF-4F84-8F23-1BA653007A1E} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ItsTV] "E:\Programmes files 02\eoRezo\EoDesk3d\ItsTV.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SaitekInstall] "F:\WinXP\Setup.exe" -S0 -R
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MediaDICO36] E:\Programmes files 02\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe Lancement
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [RegistryCleanFixMFC] C:\Program Files\RegistryCleanFix2008\RegistryCleaner2008.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Raconfig.lnk = C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Thierry
O17 - HKLM\Software\..\Telephony: DomainName = Thierry
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Thierry
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Thierry
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Thierry
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
-- End of file - 13088 bytes |
|
 | |
thierry68 Bibou


   Age: 31 Joined: 01 Mar 2008 Posts: 21 Location: 68100 Mood: always improving!
 | Subject: deckard report page02 Sun 6 Jul - 16:09 | |
| -- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys
R2 atksgt - c:\windows\system32\drivers\atksgt.sys
R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys
R3 ASAPIW2K - c:\windows\system32\drivers\asapiw2k.sys
R3 btwhid - c:\windows\system32\drivers\btwhid.sys
R3 cmpci (C-Media PCI Audio Driver (WDM)) - c:\windows\system32\drivers\cmaudio.sys
R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys
S3 CamAv (SAMSUNG Video Capture) - c:\windows\system32\drivers\camav.sys
S3 CAMFLT (%CAMFLT.SvcDesc%) - c:\windows\system32\drivers\camflt.sys
S3 RT2400 (RT2400 Wireless Driver) - c:\windows\system32\drivers\rt2400.sys
S3 SE2Bbus (Sony Ericsson Device 043 Driver driver (WDM)) - c:\windows\system32\drivers\se2bbus.sys
S3 SE2Bmdfl (Sony Ericsson Device 043 USB WMC Modem Filter) - c:\windows\system32\drivers\se2bmdfl.sys
S3 SE2Bmdm (Sony Ericsson Device 043 USB WMC Modem Driver) - c:\windows\system32\drivers\se2bmdm.sys
S3 SE2Bmgmt (Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\se2bmgmt.sys
S3 se2Bnd5 (Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS)) - c:\windows\system32\drivers\se2bnd5.sys
S3 SE2Bobex (Sony Ericsson Device 043 USB WMC OBEX Interface) - c:\windows\system32\drivers\se2bobex.sys
S3 se2Bunic (Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM)) - c:\windows\system32\drivers\se2bunic.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe"
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: Prise en charge d'impression USB
Device ID: USB\VID_043D&PID_0057\5&13E31E82&0&2
Manufacturer: Microsoft
Name: Prise en charge d'impression USB
PNP Device ID: USB\VID_043D&PID_0057\5&13E31E82&0&2
Service: usbprint

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_811A1043&REV_13\4&3B1D9AB8&0&2040
Manufacturer: Marvell
Name: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
PNP Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_811A1043&REV_13\4&3B1D9AB8&0&2040
Service: yukonwxp

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: ASUS 802.11b Wireless LAN Card
Device ID: PCI\VEN_1814&DEV_0101&SUBSYS_01271043&REV_00\4&3B1D9AB8&0&2840
Manufacturer: Ralink Technology Corp.
Name: ASUS 802.11b Wireless LAN Card
PNP Device ID: PCI\VEN_1814&DEV_0101&SUBSYS_01271043&REV_00\4&3B1D9AB8&0&2840
Service: RT2400

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Port jeu standard
Device ID: CMI\CHILD0000\5&68C6C5B&0&0000
Manufacturer: (Périphériques système standard)
Name: Port jeu standard
PNP Device ID: CMI\CHILD0000\5&68C6C5B&0&0000
Service: gameenum

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Périphérique MIDI compatible MPU-401
Device ID: CMI\CHILD0001\5&68C6C5B&0&0000
Manufacturer: Microsoft
Name: Périphérique MIDI compatible MPU-401
PNP Device ID: CMI\CHILD0001\5&68C6C5B&0&0000
Service: ms_mpu401

Class GUID: {4D36E979-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\PRINTER\0000
Manufacturer:
Name:
PNP Device ID: ROOT\PRINTER\0000
Service:

Class GUID: {4D36E979-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ROOT\PRINTER\0001
Manufacturer:
Name:
PNP Device ID: ROOT\PRINTER\0001
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-07-06 16:25:45 420 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4373B4B7-073B-468C-9221-711895C76A5C}.job
2008-07-06 16:24:18 252 --a------ C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
2008-07-01 10:15:58 406 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
2008-04-24 20:27:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-06-06 and 2008-07-06 -----------------------------
2008-07-01 10:16:29 0 d-------- C:\Program Files\Spyware Doctor
2008-07-01 10:16:29 0 d-------- C:\Documents and Settings\User\Application Data\PC Tools
2008-07-01 10:16:09 0 d-------- C:\Program Files\Picasa2
2008-07-01 10:15:55 0 d-------- C:\Program Files\Norton Security Scan
2008-06-30 18:58:15 0 d-------- C:\Documents and Settings\User\Application Data\.wyzo
2008-06-11 02:07:20 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-06-11 02:03:26 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2008-06-11 02:03:26 81920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-06-11 02:03:20 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2008-06-11 02:03:20 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2008-06-11 02:03:20 815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll
2008-06-11 02:03:20 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2008-06-11 02:03:18 683520 --a------ C:\WINDOWS\system32\DivX.dll |
|
 | |
thierry68 Bibou


 | Subject: Deckard report page 03 Sun 6 Jul - 16:10 | |
| -- Find3M Report ---------------------------------------------------------------
2008-07-06 16:27:54 504218 --a------ C:\WINDOWS\system32\perfh00C.dat 2008-07-06 16:27:54 82068 --a------ C:\WINDOWS\system32\perfc00C.dat 2008-07-06 16:24:30 0 d-------- C:\Documents and Settings\User\Application Data\StarOffice8 2008-07-02 18:23:12 0 d-------- C:\Program Files\eMule 2008-07-01 22:12:41 0 d-------- C:\Program Files\DivX 2008-07-01 22:10:52 0 d-------- C:\Documents and Settings\User\Application Data\LimeWire 2008-07-01 18:37:15 0 d-------- C:\Program Files\Google 2008-06-30 18:31:27 0 d-------- C:\Program Files\LimeWire 2008-06-03 18:20:50 0 d-------- C:\Program Files\mp3DirectCut 2008-05-31 10:17:06 0 d-------- C:\Program Files\Microsoft Silverlight 2008-05-31 02:42:57 0 d-------- C:\Documents and Settings\User\Application Data\Azureus 2008-05-31 02:40:09 0 d-------- C:\Program Files\Messenger 2008-05-31 02:40:03 0 d-------- C:\Program Files\Movie Maker 2008-05-31 02:39:03 0 d-------- C:\Program Files\Windows NT 2008-05-25 15:38:49 0 d-------- C:\Program Files\Azureus 2008-05-23 00:18:54 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll 2008-05-10 18:42:27 53873 --a------ C:\WINDOWS\system32\adzgalore-remove.exe 2008-05-06 08:49:58 0 d-------- C:\Program Files\Yahoo!
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] 03/04/2008 10:52 265360 --a------ C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{994B5FB4-0103-44A6-B6B3-C73572B362BC}] C:\WINDOWS\system32\nsd28.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BCA95E31-1FBF-4F84-8F23-1BA653007A1E}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll [03/04/2008 10:52 265360]
[-HKEY_CLASSES_ROOT\CLSID\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EoNrj"="" [] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [12/01/2006 16:40] "EoDesk3d"="" [] "ItsTV"="E:\Programmes files 02\eoRezo\EoDesk3d\ItsTV.exe" [] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 01:19] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [01/02/2008 00:13] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 11:25] "@"="" [] "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [26/10/2005 18:17] "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [09/03/2008 17:46] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [11/03/2004 02:26] "KiweeHook"="C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe" [03/04/2008 10:51] "ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [01/02/2008 12:55] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [01/07/2008 18:04]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 17:46] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 04:33] "SaitekInstall"="F:\WinXP\Setup.exe" [] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [] "MediaDICO36"="E:\Programmes files 02\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe" [27/05/2004 15:25] "unilex05"="" [] "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [02/09/2007 14:58] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [26/01/2008 04:19] "PopUpStopperFreeEdition"="C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" [17/03/2005 12:10] "RegistryCleanFixMFC"="C:\Program Files\RegistryCleanFix2008\RegistryCleaner2008.exe" []
C:\Documents and Settings\User\Menu Démarrer\Programmes\Démarrage\ RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [19/03/2007 00:05:02] StarOffice 8.lnk - C:\Program Files\Sun\StarOffice 8\program\quickstart.exe [17/08/2007 23:58:18] TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [01/06/2005 21:41:18] UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [21/05/2006 09:43:08]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ BTTray.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe [07/06/2006 18:05:38] Digimax Viewer 2.1.lnk - C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [07/01/2008 22:46:55] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 10:01:04] Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [26/01/2008 04:19:52] Raconfig.lnk - C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig.exe [05/01/2008 15:59:21]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] eapsvcs eaphost dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs napagent hkmsvc
-- Hosts -----------------------------------------------------------------------
127.0.0.1 007guard.com 127.0.0.1 www.007guard.com 127.0.0.1 008i.com 127.0.0.1 008k.com 127.0.0.1 www.008k.com 127.0.0.1 00hq.com 127.0.0.1 www.00hq.com 127.0.0.1 010402.com 127.0.0.1 032439.com 127.0.0.1 www.032439.com
7835 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-07-06 16:56:09 ------------ |
|
 | |
K1ks Moderators


 | Subject: Re: problem with IE Sun 6 Jul - 16:32 | |
| Note: these steps must be done in order:
1) Reopen HijackThis, click on scan only, then find and tick the following line(s) (if still present):
| Quote: |
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - C:\WINDOWS\system32\nsd28.dll (file missing)
O2 - BHO: (no name) - {BCA95E31-1FBF-4F84-8F23-1BA653007A1E} - (no file)
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [ItsTV] "E:\Programmes files 02\eoRezo\EoDesk3d\ItsTV.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
O4 - HKCU\..\Run: [RegistryCleanFixMFC] C:\Program Files\RegistryCleanFix2008\RegistryCleaner2008.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
|
Then click on "Fix Checked" and confirm the message that follows.
Tutorial: http://www.bibou0007.com/outils-specifiques-f78/hijackthis-corriger-fixer-les-lignes-t1579.htm
2) Delete these folder(s) with OtMoveIt:
| Quote: |
EmptyTemp
C:\Program Files\Kiwee Toolbar2\
E:\Programmes files 02\eoRezo\
C:\Program Files\RegistryCleanFix2008\
C:\WINDOWS\system32\adzgalore-remove.exe
|
>>> Link and tutorial here <<< Follow the instructions and post the resulting report in your next message.
3) Create a Notepad file with the text found in the box below (copy/paste):
| Quote: |
REGEDIT4

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{994B5FB4-0103-44A6-B6B3-C73572B362BC}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"=-

[-HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]

[-HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ItsTV"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiweeHook"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryCleanFixMFC"=-
|
- Save this file to: Desktop
- File name: fix.reg
- Type: all files!!!
- click Save
- quit Notepad
- Using the file fix.reg: double-click the file (Desktop) / accept the warning about the merge / do not be surprised to see nothing / confirm the message saying that the merge is complete.
4) Download the R-Hosts program by S!RI. It will reset your Hosts file to the default.
>>> http://siri.urz.free.fr/Softs/RHosts.exe
Double-click the program to launch it, then click "Restaurer" (Restore).
Confirm the change by pressing OK.

 |
|
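The selection in step 1 of the post above, run through a small parser, as an added example that is not part of the original thread: it flags entries whose target file is gone and groups registrations by CLSID, which shows one component hooked into several places. The function names and section labels are this example's own; the sample lines are copied from the quoted HijackThis selection.

```python
import re
from collections import defaultdict

# Subset of the HijackThis lines quoted in the post above (copied from the thread).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iesearch.com/
R3 - URLSearchHook: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - C:\WINDOWS\system32\nsd28.dll (file missing)
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar2\1.5.131\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [ItsTV] "E:\Programmes files 02\eoRezo\EoDesk3d\ItsTV.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar2\1.5.131\kwtbaim.exe"
O16 - DPF: CabBuilder - http://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
"""

# Labels (this example's wording) for the HijackThis section codes in the sample.
SECTIONS = {
    "R0": "IE start/search page", "R3": "URLSearchHook",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart entry", "O16": "ActiveX download (DPF)",
}

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)")


def parse_log(text):
    """Turn HijackThis result lines into dicts; lines that do not match are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        clsid = CLSID_RE.search(m["body"])
        entries.append({
            "code": m["code"],
            "section": SECTIONS.get(m["code"], "unknown"),
            "clsid": clsid.group(0).upper() if clsid else None,  # CLSIDs are case-insensitive
            "orphaned": bool(ORPHAN_RE.search(m["body"])),
            "body": m["body"],
        })
    return entries


def orphaned_entries(entries):
    """Registrations that HijackThis marked as pointing at a file that no longer exists."""
    return [e for e in entries if e["orphaned"]]


def registrations_by_clsid(entries):
    """Group section codes by CLSID to list every place one component is registered."""
    groups = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            groups[e["clsid"]].add(e["code"])
    return {clsid: sorted(codes) for clsid, codes in groups.items()}


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print([e["clsid"] for e in orphaned_entries(parsed)])
    print(registrations_by_clsid(parsed))
```
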
 | |
thierry68 Bibou


 | Subject: report Sun 6 Jul - 17:11 | |
| Folder move failed. C:\Program Files\Kiwee Toolbar2\1.5.131 scheduled to be moved on reboot. Folder move failed. C:\Program Files\Kiwee Toolbar2 scheduled to be moved on reboot. E:\Programmes files 02\eoRezo\EoDesk3d moved successfully. E:\Programmes files 02\eoRezo\EoAdv\tmp moved successfully. E:\Programmes files 02\eoRezo\EoAdv moved successfully. E:\Programmes files 02\eoRezo moved successfully. Folder C:\Program Files\RegistryCleanFix2008\ not found. C:\WINDOWS\system32\adzgalore-remove.exe moved successfully. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07062008_175620
Files moved on Reboot... C:\Program Files\Kiwee Toolbar2\1.5.131 moved successfully. C:\Program Files\Kiwee Toolbar2 moved successfully. |
|
 | |
thierry68 Bibou


 | Subject: report Sun 6 Jul - 17:15 | |
| R-Hosts won't close when I click OK on the message "some malicious programs modify the hosts file............. this utility restores the hosts file to its original state"
What should I do now? |
|
 | |
K1ks Moderators


 | Subject: Re: problem with IE Sun 6 Jul - 17:47 | |
| Then run a scan with Malwarebytes' Anti-Malware (recommended anti-malware)
==>Link and tutorial here<== # Follow the instructions and post the resulting report

 |
|
 | |
thierry68 Bibou


 | Subject: Malwarebytes report Sun 6 Jul - 19:00 | |
| Malwarebytes' Anti-Malware 1.19 Version de la base de données: 927 Windows 5.1.2600 Service Pack 3
19:58:22 06/07/2008 mbam-log-7-6-2008 (19-58-22).txt
Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 176858 Temps écoulé: 1 hour(s), 5 minute(s), 5 second(s)
Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 8 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{bd219b90-626b-40f4-bfdd-420240dfca2c} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{49bcc77a-79eb-4d50-a6db-04e8202921c4} (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\adzgalore.optimizer (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\adzgalore.optimizer.1 (Adware.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\adzgalore (Adware.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adzgalore (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SD (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): C:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\components\nsBrowserGal.dll (Adware.Agent) -> Quarantined and deleted successfully. |
|
 | |
K1ks Moderators


 | Subject: Re: problem with IE Sun 6 Jul - 19:23 | |
| OK, make me a new Deckard's System Scanner (DSS) report.

 |
|
 | |
thierry68 Bibou


 | Subject: DSS report page 01 Sun 6 Jul - 19:43 | |
| DSS report page 01 by thierry68, today at 20:33
Deckard's System Scanner v20071014.68 Run by User on 2008-07-06 20:28:53 Computer is in Normal Mode. --------------------------------------------------------------------------------
-- HijackThis (run as User.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:12, on 06/07/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Belkin\Bluetooth |
|