franda

Logfile of HijackThis v1.99.1 Scan saved at 20:15:38, on 20/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\CA\eTrust Antivirus\InoRpc.exe C:\Program Files\CA\eTrust Antivirus\InoRT.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\Program Files\Fichiers communs\Talkway\vmtalk.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\Dit.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\WINDOWS\system32\RunDll32.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe C:\Program Files\Club-Internet\Lanceur\lanceur.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\PowerArchiver\POWERARC.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp\_PA744\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe O4 - HKLM\..\Run: [usdr6cw] C:\Program Files\SystemDoctor 2006 Free\usdr6cw.exe -c O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe" -c O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [systemDoctor 2006 Free] C:\Program Files\SystemDoctor 2006 Free\sd2006.exe -scan O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe" O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003 O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\system32\icpldrvx.exe O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (HKCU) O9 - Extra 'Tools' menuitem: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (HKCU) O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/ O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1124469140515 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124471908906 O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.netprint.com/view/uploader/ImageUploader3.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E3B515CB-9294-419F-9C09-BFFE9D2AEC51}: NameServer = 194.117.200.10,194.117.200.15 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 19:58:33 20/12/2006 + Résultat de l'analyse: C:\System Volume Information\_restore{07AD3D7A-3822-4B84-9AC4-4B06CF406753}\RP268\A0040688.exe -> Adware.DriveCleaner : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{07AD3D7A-3822-4B84-9AC4-4B06CF406753}\RP268\A0040692.dll -> Adware.DriveCleaner : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{07AD3D7A-3822-4B84-9AC4-4B06CF406753}\RP268\A0040693.dll -> Adware.DriveCleaner : Nettoyé et sauvegardé (mise en quarantaine). C:\Program Files\WinAntiSpyware 2006 Scanner -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). C:\Program Files\WinAntiSpyware 2006 Scanner\database -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). C:\Program Files\WinAntiSpyware 2006 Scanner\database\RTMonitor.dat -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). C:\Program Files\WinAntiSpyware 2006 Scanner\database\quaratine.dat -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{07AD3D7A-3822-4B84-9AC4-4B06CF406753}\RP268\A0042559.dll -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\CLSID\{ABCD4567-76B5-4bc7-AAC5-396D70925B11} -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\Interface\{ABCD4567-4D73-43E9-85E5-53A2DBD95411} -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\Interface\{ABCD4567-D8E8-4DF1-A3EA-D0AA72F42611} -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SOFTWARE\Classes\TypeLib\{ABCD4567-7437-43EF-AB74-4AB1D3A37411} -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SYSTEM\ControlSet001\Services\uwasfsd -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SYSTEM\ControlSet001\Services\uwasfsd\Enum -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SYSTEM\ControlSet001\Services\uwasfsd\Security -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SYSTEM\CurrentControlSet\Services\uwasfsd -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SYSTEM\CurrentControlSet\Services\uwasfsd\Enum -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). HKLM\SYSTEM\CurrentControlSet\Services\uwasfsd\Security -> Adware.WinAntiSpyware : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\francis daems\Local Settings\Temp\USDR6V_0001_D18M3107\installer.exe -> Adware.WinFixer : Nettoyé et sauvegardé (mise en quarantaine). C:\RECYCLER\S-1-5-21-263895611-3181349003-2385670009-1006\Dc8\SDRmon.exe -> Adware.WinFixer : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\francis daems\Shared\le gros navion.exe -> Hijacker.Delf.dm : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\francis daems\Mes documents\installdrivecleanerstart_fr.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine). C:\Documents and Settings\francis daems\Application Data\winantispyware2006freeinstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine). C:\System Volume Information\_restore{07AD3D7A-3822-4B84-9AC4-4B06CF406753}\RP268\A0042557.exe -> Not-A-Virus.Downloader.Win32.WinFixer.t : Nettoyé et sauvegardé (mise en quarantaine). :mozilla.453:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.454:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé. :mozilla.315:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.6:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. :mozilla.94:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][1].txt -> TrackingCookie.Addynamix : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][2].txt -> TrackingCookie.Adition : Nettoyé. :mozilla.450:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé. :mozilla.451:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé. :mozilla.471:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.472:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé. :mozilla.486:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.487:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.497:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.498:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.517:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé. :mozilla.452:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé. :mozilla.463:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé. :mozilla.343:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.344:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.345:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé. :mozilla.435:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé. :mozilla.355:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@estat[1].txt -> TrackingCookie.Estat : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Nettoyé. :mozilla.330:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.331:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé. :mozilla.505:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.506:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.507:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.508:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. :mozilla.509:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@komtrack[1].txt -> TrackingCookie.Komtrack : Nettoyé. :mozilla.333:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé. :mozilla.334:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé. C:\Documents and Settings\francis daems\Cookies\francis_daems@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé. :mozilla.386:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Overture : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé. :mozilla.192:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.198:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.199:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.200:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.227:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.228:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.246:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.252:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.253:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.29:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.58:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][1].txt -> TrackingCookie.Reliablestats : Nettoyé. :mozilla.240:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.241:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.242:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.243:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.244:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé. :mozilla.146:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.147:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.148:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. :mozilla.149:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\mathilde\Cookies\[email protected][2].txt -> TrackingCookie.Smartadserver : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé. :mozilla.86:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.87:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.88:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.89:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé. :mozilla.204:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé. :mozilla.103:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.66:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.72:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.73:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé. :mozilla.175:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé. :mozilla.455:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.456:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.457:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé. :mozilla.123:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé. :mozilla.150:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé. :mozilla.99:C:\Documents and Settings\francis daems\Application Data\Mozilla\Firefox\Profiles\9cx713yf.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé. C:\Documents and Settings\mathilde\Cookies\mathilde@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé. Fin du rapport merci pour tout mais je crois que ca déconne encore es ce que je dois supprimer les fichiers exclusivement en mode sans echec

Jottis Malwarescan 2.99-TRANSITION_TO_3.00-R1 Datei, die hochgeladen und gescannt werden soll: Dienst Datei: pcd-as.exe Auslastung: 0% 100% Status: OK (Anmerkung: diese Datei wurde bereits vorher gescannt. Die Scanergebnisse werden daher nicht in der Datenbank gespeichert.) Entdeckte Packprogramme: - AntiVir Keine Viren gefunden ArcaVir Keine Viren gefunden Avast Keine Viren gefunden AVG Antivirus Keine Viren gefunden BitDefender Keine Viren gefunden ClamAV Keine Viren gefunden Dr.Web Keine Viren gefunden F-Prot Antivirus Keine Viren gefunden F-Secure Anti-Virus Keine Viren gefunden Fortinet Keine Viren gefunden Kaspersky Anti-Virus Keine Viren gefunden NOD32 Keine Viren gefunden Norman Virus Control Keine Viren gefunden VirusBuster Keine Viren gefunden VBA32 Keine Viren gefunden Powered by Disclaimer Durch das Hochladen von Dateien auf diesen Server stimmen Sie zu, dass ihre Dateien lokal gespeichert werden. Ferner: Dieser Dienst ist keineswegs hundertprozentig sicher. Falls der Scanner ein 'OK' gibt, bedeutet das nicht notwendigerweise, dass die Datei sauber ist. Es könnte ein völlig neuer Virus auf freiem Fuß sein! Verlassen Sie sich niemals auf ein einzelnes Produkt alleine, selbst auf diesen Dienst nicht, obwohl er mehrere Produkte einsetzt. Für Schäden, die durch diesen nichtkommerziellen Online-Dienst verursacht wurden, bin ich daher nicht verantwortlich, noch kann ich dafür verantwortlich gemacht werden. Ich bin mir auch über die Folgen einer Einrichtung wie dieser im klaren. Ich bin mir sicher, dass diese ganze Geschichte keinesfalls wissenschaftlich korrekt ist, da dies ein vollautomatischer Dienst ist (obwohl eine manuelle Korrektur möglich ist). Ich bin mir zum Beispiel bewußt, dass "False Positives" (ein Fehlalarm, bei dem eine saubere Datei irrtümlich als Virus detektiert wird) auftreten könnten, trotz der Anstrengungen, diesen proaktiv zu begegnen. Ich halte das nicht für eine große Sache, also schicken Sie mir bitte keine Emails über solche Vorkommnisse. Dies ist ein einfacher Onlinescanner, und nicht die Universität von Magdeburg. Die Virensignaturen werden jede Stunde aktualisiert. Das Dateigrößenlimit beträgt 15 MB pro Datei. DIE MISSBRÄUCHLICHE NUTZUNG DIESES DIENSTES (EINSCHLIESSLICH DES HOCHLADENS ABSICHTLICH MODIFIZIERTER -GEPACKTER/VERSCHLÜSSELTER/BYTESWAPPED- VERSIONEN DER GLEICHEN DATEI) HAT ZUR FOLGE, DASS IHRE IP GESPERRT WIRD. Bitte fordern Sie keine dieser Viren an, wenn Sie nicht für Hersteller von Anti-Viren-Software arbeiten. Viren sind nicht zum Tauschen da. Das Scannen kann eine Weile dauern, da mehrere Scanner benutzt werden. Zudem nutzen einige Scanner eine sehr hohe Heuristikstufe (was zeitaufwendig ist). Die benutzten Scanner sind Linuxversionen, und es können sich (oder auch nicht) Unterschiede zu Windowsscannern ergeben. Noch eine Anmerkung: manche Scanner detektieren nur einen Virus, wenn Archive mit mehreren Malwaredateien gescannt werden. Gefördert durch Spenden (in willkürlicher Reihenfolge) von: Stormbyte Technologies LLC, The ClamAV project, James Love, Gideon Pertzov, Malcolm Murray, Nigel Thomas, Wendy Dickerson, Anthony Midmore, "ethereal", Mark Rubins, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, und einigen Leuten, die es vorziehen, anonym zu bleiben... Vielen Dank an alle! Statistik Zuletzt gefundene Malware war W32_SDBot.ET_tr-5, gefunden von: Scanner Name der Malware AntiVir HEUR/Crypted ArcaVir X Avast X AVG Antivirus IRC/BackDoor.SdBot2.MZY BitDefender X ClamAV X Dr.Web BackDoor.Pigeon.516 F-Prot Antivirus Possibly a new variant of W32/Threat-SysVenFakN-based!Maximus F-Secure Anti-Virus X Fortinet W32/SDBot.ET!tr Kaspersky Anti-Virus Trojan-Downloader.Win32.VB.aqe NOD32 X Norman Virus Control X VirusBuster novirus:Packed/NSPack VBA32 X Es steht Ihnen frei, diese automatisch generierten, ungültigen Statistiken (falsch) zu interpretieren. Für Vergleichstests von Anti-Viren Software, besuchen Sie AV comparatives. Häufig gestellte Fragen (FAQ) - Feedback/Kommentare/Fragen/Fehlalarme (bitte ausschließlich auf Englisch) Copyright © Jordi Bosveld 2004-2005 Deutsche Übersetzung von

Logfile of HijackThis v1.99.1 Scan saved at 17:43:59, on 20/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\CA\eTrust Antivirus\InoRpc.exe C:\Program Files\CA\eTrust Antivirus\InoRT.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Dit.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\Program Files\Fichiers communs\Talkway\vmtalk.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\TomTom HOME\TomTomHOME.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\icpldrvx.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.exe C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN C:\Program Files\Club-Internet\Dr Club Internet\bin\mpbtn.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe C:\Program Files\Defenza\pcd-as.exe C:\Program Files\SystemDoctor 2006 Free\usdr6cw.exe C:\Program Files\eMule\eMule.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Club-Internet\Lanceur\Lanceur.exe C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\sandra.exe C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\PowerArchiver\POWERARC.EXE C:\DOCUME~1\FRANCI~1\LOCALS~1\Temp\_PA767\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420" O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [vmtalk] C:\Program Files\Fichiers communs\Talkway\vmtalk.exe O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Avg Antivirus] C:\WINDOWS\system32\icpldrvx.exe O4 - HKLM\..\Run: [DriveCleaner 2006 Free] "C:\Program Files\DriveCleaner 2006 Free\UDC2006.exe" /min O4 - HKLM\..\Run: [sDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner 2006 Free\SDRmon.exe" O4 - HKLM\..\Run: [udc6cw] "C:\Program Files\DriveCleaner 2006 Free\udc6cw.exe" -c O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003 O4 - HKLM\..\Run: [systemDoctor 2006 Free] C:\Program Files\SystemDoctor 2006 Free\sd2006.exe -scan O4 - HKLM\..\Run: [usdr6cw] C:\Program Files\SystemDoctor 2006 Free\usdr6cw.exe -c O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Global Startup: Docteur Club Internet.lnk = C:\Program Files\Club-Internet\Dr Club Internet\bin\matcli.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (HKCU) O9 - Extra 'Tools' menuitem: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (HKCU) O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/ O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - http://www.pixaco.fr/static/download/pixacodndupload.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1124469140515 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1124471908906 O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.netprint.com/view/uploader/ImageUploader3.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E3B515CB-9294-419F-9C09-BFFE9D2AEC51}: NameServer = 194.117.200.10,194.117.200.15 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIb\RpcSandraSrv.exe

mon pc est bourré de virus je pense , je ny pige pas grand chose dans ce monde de l'informatique ,je voudrais bien de l'aide d'une personne assez patiente et trés cool merci d'avance