dadoux
-
Compteur de contenus
69 -
Inscription
-
Dernière visite
-
Jours gagnés
1
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par dadoux
-
-----------\\ ToolBar S&D 1.0.8 XP/Vista [ Windows VISTA (NT 6.0) Workstation Build 6000 ] [ USER : mariano ] [ "C:\Toolbar SD" ] [ Selection : 2 ] [ 11/08/2008 | 21:43:12,90 ] [ PC : PC-DE-MARIANO ] [ MAJ : 04-08-2008 | 23:15 ] [ UAC => 0 ] -----------\\ SUPPRESSION Echec ! - C:\Program Files\MSN Messenger\msimg32.dll -----------\\ DEUXIEME PASSAGE Echec ! - C:\Program Files\MSN Messenger\msimg32.dll -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\MSN Messenger\msimg32.dll -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\Windows\\system32\\blank.htm" "Search Page"="http://www.google.com" "Start Page"="http://fr.yahoo.com"'>http://fr.yahoo.com"'>http://fr.yahoo.com" "Search Bar"="http://www.google.com/ie" "Url"="http://go.microsoft.com/fwlink/?LinkId=75720" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fr.yahoo.com" "Default_Page_URL"="http://fr.yahoo.com" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [ UAC => 1 ] -----------\\ Fin du rapport a 21:44:12,79 et l'autre: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:45:04, on 11/08/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Windows\system32\svchost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hotkey Utility\tray.exe C:\Program Files\Power Manager\PM.exe C:\Program Files\Light Sensor Utility\Sensor.exe C:\Windows\System32\rundll32.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\System32\mobsync.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Windows\ehome\ehtray.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Windows\explorer.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe O4 - HKLM\..\Run: [silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [recinfo420] c:\RecInfo\RecInfo.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\tb_eula\EULALauncher.NET.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20080801 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user') O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU) O13 - Gopher Prefix: O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8936CB3B-FE82-4FA4-B420-4C2B11F092C2}: NameServer = 217.175.160.168 217.175.160.12 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13219 bytes
-
-----------\\ ToolBar S&D 1.0.8 XP/Vista [ Windows VISTA (NT 6.0) Workstation Build 6000 ] [ USER : mariano ] [ "C:\Toolbar SD" ] [ Selection : 1 ] [ 11/08/2008 | 21:07:05,49 ] [ PC : PC-DE-MARIANO ] [ MAJ : 04-08-2008 | 23:15 ] [ UAC => 0 ] -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\MSN Messenger\msimg32.dll -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\Windows\\system32\\blank.htm" "Search Page"="http://www.google.com" "Start Page"="http://fr.yahoo.com"'>http://fr.yahoo.com"'>http://fr.yahoo.com" "Search Bar"="http://www.google.com/ie" "Url"="http://go.microsoft.com/fwlink/?LinkId=75720" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fr.yahoo.com" "Default_Page_URL"="http://fr.yahoo.com" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [ UAC => 1 ] -----------\\ Fin du rapport a 21:07:11,60 voila dsl avec beaucoup de retard (je m'excuse) ....
-
bonjour dsl du retard pour la reponse , oui le programme etait bien lancer .. merci ....
-
je trouve pas le resultat ... j'ai pas de fichier txt y a rien dans c:/ ni sur le bureau
-
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:14:58, on 05/08/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hotkey Utility\tray.exe C:\Program Files\Power Manager\PM.exe C:\Program Files\Light Sensor Utility\Sensor.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Windows\system32\svchost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Windows\system32\svchost.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\system32\conime.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Users\mariano\Desktop\dss.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\system32\SearchFilterHost.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\mariano.exe C:\Windows\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Megaupload Toolbar - {EEE17712-987E-4424-A00C-9DA0BC4E2078} - C:\Windows\system32\MEGAUP~1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe O4 - HKLM\..\Run: [silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [recinfo420] c:\RecInfo\RecInfo.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\tb_eula\EULALauncher.NET.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20080801 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8936CB3B-FE82-4FA4-B420-4C2B11F092C2}: NameServer = 217.175.160.168 217.175.160.12 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12410 bytes
-
Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1025 Windows 6.0.6000 01:46:34 05/08/2008 mbam-log-8-5-2008 (01-46-34).txt Type de recherche: Examen rapide Eléments examinés: 36362 Temps écoulé: 3 minute(s), 28 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 1 Clé(s) du Registre infectée(s): 7 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): C:\Windows\System32\MEGAUP~1.dll (Trojan.FakeAlert) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\TypeLib\{15c7d7ad-a87a-4c0d-9d8b-637fcd3488ef} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{eee17712-987e-4424-a00c-9da0bc4e2078} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eee17712-987e-4424-a00c-9da0bc4e2078} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\bhonew.bho (Trojan.Fakealert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.Fakealert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Windows\System32\MEGAUP~1.dll (Trojan.FakeAlert) -> Delete on reboot. ok dsl ..
-
bon j'ai fait mais j'ai pas eu le reflexe de copier le rapport dans un bloc note avant d'accepte le redemarrage de mon ordi mais la j'ai plus le message donc je pense que c bon .... si y a un pb je reviendrai merci beaucoup sa ma bien depanner ... ps : merci merci et merci
-
heu j'ai fait le truc mais sa a rien changer j'ai toujours le message ... du debut
-
heu j'ai que mon modem en usb et ma souris ... c vrai que j'ai connecter un disque dur externe mais c pas le mien je l'ai plus... comment je fais alors svp heu j'ai que mon modem en usb et ma souris ... c vrai que j'ai connecter un disque dur externe mais c pas le mien je l'ai plus... comment je fais alors svp
-
heu j'ai que mon modem en usb et ma souris ... c vrai que j'ai connecter un disque dur externe mais c pas le mien je l'ai plus... comment je fais alors svp
-
heu j'ai que mon modem en usb et ma souris ... c vrai que j'ai connecter un disque dur externe mais c pas le mien je l'ai plus... comment je fais alors svp
-
Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Édition Familiale Premium (build 6000) Architecture: X86; Language: French CPU 0: AMD Turion 64 X2 Mobile Technology TL-52 Percentage of Memory in Use: 61% Physical Memory (total/avail): 2814.13 MiB / 1072.58 MiB Pagefile Memory (total/avail): 5836.53 MiB / 3993.85 MiB Virtual Memory (total/avail): 2047.88 MiB / 1914.27 MiB C: is Fixed (NTFS) - 92.21 GiB total, 22.91 GiB free. D: is Fixed (NTFS) - 45.12 GiB total, 29.96 GiB free. E: is CDROM (No Media) F: is Removable (No Media) \\.\PHYSICALDRIVE0 - WDC WD16 00BEVS-07RST SCSI Disk Device - 149.05 GiB - 3 partitions \PARTITION0 - Unknown - 11.72 GiB \PARTITION1 (bootable) - Système de fichiers installable - 92.21 GiB - C: \PARTITION2 - Système de fichiers installable - 45.12 GiB - D: \\.\PHYSICALDRIVE1 - Generic-Multi-Card USB Device -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FW: Norton Internet Security v2007 (Symantec Corporation) Disabled AV: avast! antivirus 4.8.1229 [VPS 080804-0] v4.8.1229 (ALWIL Software) Disabled AV: Norton Internet Security v2007 (Symantec Corporation) Outdated AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) AS: Norton Internet Security v2007 (Symantec Corporation) Outdated AS: avast! antivirus 4.8.1229 [VPS 080804-0] v4.8.1229 (ALWIL Software) Disabled [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\mariano\AppData\Roaming CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=PC-DE-MARIANO ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\mariano LOCALAPPDATA=C:\Users\mariano\AppData\Local LOGONSERVER=\\PC-DE-MARIANO NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=4802 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\mariano\AppData\Local\Temp TMP=C:\Users\mariano\AppData\Local\Temp USERDOMAIN=PC-de-mariano USERNAME=mariano USERPROFILE=C:\Users\mariano windir=C:\Windows -- User Profiles --------------------------------------------------------------- mariano -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL --> C:\Windows\UNNeroShowTime.exe /UNINSTALL --> C:\Windows\UNNeroVision.exe /UNINSTALL --> C:\Windows\UNRecode.exe /UNINSTALL 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 50 FREE MP3s +1 Free Audiobook! --> "C:\Program Files\Winamp\eMusic\Uninst-eMusic-promotion.exe" ACID Music Studio 7.0 de Sony --> MsiExec.exe /X{A6CE9D67-88BF-4AC1-A391-D3F79651DDD3} Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} ALPS Touch Pad Driver --> C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA} avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup BeWAN ADSL modem --> rundll32.exe stmcfg32.dll,Uninstall Bison WebCam --> Rundll32.exe BisonRem.dll,WinMainRmv ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3} Counter-Strike: Source --> C:\Program Files\Counter-Strike Source\Uninst.exe DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE} eMule --> "C:\Program Files\eMule\Uninstall.exe" Extension de Windows Live Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8} FirstSteps Diagnostics --> MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7} Fujitsu Siemens Computers WLAN 802.11b/g (SiS163u) --> C:\Windows\system32\unwlsdrv.exe SiS163u Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly Google Toolbar for Firefox --> MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F} Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" Google Video Uploader --> "C:\Program Files\Google Video\Uninstall.exe" HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F10001\UIU32m.exe -U -IPDAZLCMzK.inf Hotkey Utility --> "C:\Program Files\Hotkey Utility\unins000.exe" InterVideo WinDVD 8 --> C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x040c Java 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040} Light Sensor Utility 1.4 --> "C:\Program Files\Light Sensor Utility\unins000.exe" LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe" Menus intelligents (Windows Live Toolbar) --> MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B} Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office OneNote MUI (French) 2007 --> MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (French) --> MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works --> MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673} mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC Module de compatibilité pour Microsoft Office System 2007 --> MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Mozilla Firefox (1.5) --> C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5 (fr)" MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} Nero 7 Essentials --> MsiExec.exe /X{81CD6232-10F5-4832-B3DA-1B88B1571036} Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0} Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164} Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A} Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34} Norton Internet Security --> MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B} Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B} Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555} Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43} Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8} NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" Power Manager 2.1.10 --> "C:\Program Files\Power Manager\unins000.exe" PowerDV --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver --> RtlUpd.exe -r -m Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E} Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E} SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56} SuperCopier2 --> "C:\Program Files\SuperCopier2\SC2Uninst.exe" Symantec Real Time Storage Protection Component --> MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A} SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2} Update for Office 2007 (KB946691) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} VideoLAN VLC media player 0.8.6i --> C:\Program Files\VideoLAN\VLC\uninstall.exe Virtual DJ Home Edition - Atomix Productions --> C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG Winamp --> "C:\Program Files\Winamp\UninstWA.exe" Winamp Remote --> "C:\Program Files\Winamp Remote\uninstall.exe" Winamp Toolbar for Firefox --> "\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe" Winamp Toolbar for Internet Explorer --> "C:\Program Files\Winamp Toolbar\uninstall.exe" Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7} Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {05AE605F-3146-46ED-BC52-0A14EBF57962} Windows Live Toolbar --> MsiExec.exe /X{05AE605F-3146-46ED-BC52-0A14EBF57962} WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type1234 / Error Event Submitted/Written: 08/04/2008 10:35:48 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 7.0.6000.16681, horodatage 0x48113d17, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9, code d’exception 0xc0000005, décalage d’erreur 0x000620e3, ID du processus 0x12e8, heure de début de l’application 0xiexplore.exe0. Event Record #/Type1233 / Error Event Submitted/Written: 08/04/2008 10:30:09 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 7.0.6000.16681, horodatage 0x48113d17, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9, code d’exception 0xc0000374, décalage d’erreur 0x000af1c9, ID du processus 0xa8c, heure de début de l’application 0xiexplore.exe0. Event Record #/Type1232 / Error Event Submitted/Written: 08/04/2008 10:30:05 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 7.0.6000.16681, horodatage 0x48113d17, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9, code d’exception 0xc0000005, décalage d’erreur 0x000620e3, ID du processus 0xa8c, heure de début de l’application 0xiexplore.exe0. Event Record #/Type1231 / Error Event Submitted/Written: 08/04/2008 10:09:56 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 7.0.6000.16681, horodatage 0x48113d17, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9, code d’exception 0xc0000005, décalage d’erreur 0x000620e3, ID du processus 0xc10, heure de début de l’application 0xiexplore.exe0. Event Record #/Type1229 / Error Event Submitted/Written: 08/04/2008 09:59:14 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante iexplore.exe, version 7.0.6000.16681, horodatage 0x48113d17, module défaillant ntdll.dll, version 6.0.6000.16386, horodatage 0x4549bdc9, code d’exception 0xc0000005, décalage d’erreur 0x000620e3, ID du processus 0xb5c, heure de début de l’application 0xiexplore.exe0. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type6831 / Warning Event Submitted/Written: 08/05/2008 00:15:22 AM Event ID/Source: 3004 / WinDefend Event Description: L’agent de protection en temps réel %PC-de-mariano27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-mariano27 ne peut pas annuler les modifications que vous autorisez. Pour plus d’informations, consultez les données suivantes : %PC-de-mariano275 ID d’analyse : {DCDF8EC2-1956-4226-AB97-2B4BAA1DFB74} Utilisateur : PC-de-mariano\mariano Nom : %PC-de-mariano271 ID : %PC-de-mariano272 ID de gravité : %PC-de-mariano273 ID de catégorie : %PC-de-mariano274 Chemin d’accès trouvé : %PC-de-mariano276 Type d’alerte : %PC-de-mariano278 Type de détection : 1.1.1505.02 Event Record #/Type6830 / Warning Event Submitted/Written: 08/05/2008 00:15:21 AM Event ID/Source: 3004 / WinDefend Event Description: L’agent de protection en temps réel %PC-de-mariano27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-mariano27 ne peut pas annuler les modifications que vous autorisez. Pour plus d’informations, consultez les données suivantes : %PC-de-mariano275 ID d’analyse : {68C167CF-ED67-477C-8ACD-63EAF56EF1BF} Utilisateur : PC-de-mariano\mariano Nom : %PC-de-mariano271 ID : %PC-de-mariano272 ID de gravité : %PC-de-mariano273 ID de catégorie : %PC-de-mariano274 Chemin d’accès trouvé : %PC-de-mariano276 Type d’alerte : %PC-de-mariano278 Type de détection : 1.1.1505.02 Event Record #/Type6829 / Warning Event Submitted/Written: 08/05/2008 00:15:18 AM Event ID/Source: 3004 / WinDefend Event Description: L’agent de protection en temps réel %PC-de-mariano27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-mariano27 ne peut pas annuler les modifications que vous autorisez. Pour plus d’informations, consultez les données suivantes : %PC-de-mariano275 ID d’analyse : {CAC0FBDF-BE60-4346-A70E-393C1EF3B5CB} Utilisateur : PC-de-mariano\mariano Nom : %PC-de-mariano271 ID : %PC-de-mariano272 ID de gravité : %PC-de-mariano273 ID de catégorie : %PC-de-mariano274 Chemin d’accès trouvé : %PC-de-mariano276 Type d’alerte : %PC-de-mariano278 Type de détection : 1.1.1505.02 Event Record #/Type6828 / Warning Event Submitted/Written: 08/05/2008 00:15:18 AM Event ID/Source: 3004 / WinDefend Event Description: L’agent de protection en temps réel %PC-de-mariano27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-mariano27 ne peut pas annuler les modifications que vous autorisez. Pour plus d’informations, consultez les données suivantes : %PC-de-mariano275 ID d’analyse : {5685C93B-FC5F-480F-8EB4-634F1B7768B1} Utilisateur : PC-de-mariano\mariano Nom : %PC-de-mariano271 ID : %PC-de-mariano272 ID de gravité : %PC-de-mariano273 ID de catégorie : %PC-de-mariano274 Chemin d’accès trouvé : %PC-de-mariano276 Type d’alerte : %PC-de-mariano278 Type de détection : 1.1.1505.02 Event Record #/Type6827 / Warning Event Submitted/Written: 08/05/2008 00:15:18 AM Event ID/Source: 3004 / WinDefend Event Description: L’agent de protection en temps réel %PC-de-mariano27 a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. %PC-de-mariano27 ne peut pas annuler les modifications que vous autorisez. Pour plus d’informations, consultez les données suivantes : %PC-de-mariano275 ID d’analyse : {31A2488F-983F-42F7-B429-070C42EF5D29} Utilisateur : PC-de-mariano\mariano Nom : %PC-de-mariano271 ID : %PC-de-mariano272 ID de gravité : %PC-de-mariano273 ID de catégorie : %PC-de-mariano274 Chemin d’accès trouvé : %PC-de-mariano276 Type d’alerte : %PC-de-mariano278 Type de détection : 1.1.1505.02 -- End of Deckard's System Scanner: finished at 2008-08-05 00:16:23 ------------ Deckard's System Scanner v20071014.68 Run by mariano on 2008-08-05 00:05:03 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 6: 2008-08-04 12:41:53 UTC - RP130 - Installé ACID Music Studio 7.0 de Sony 5: 2008-08-04 12:39:31 UTC - RP129 - Installé Microsoft Visual C++ 2005 Redistributable 4: 2008-08-03 23:01:04 UTC - RP128 - Windows Update 3: 2008-08-03 19:33:46 UTC - RP127 - Windows Update 2: 2008-08-03 15:00:03 UTC - RP126 - Sauvegarde Windows -- First Restore Point -- 1: 2008-08-03 02:41:13 UTC - RP125 - Windows Update Backed up registry hives. Performed disk cleanup. -- HijackThis (run as mariano.exe) --------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:14:58, on 05/08/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hotkey Utility\tray.exe C:\Program Files\Power Manager\PM.exe C:\Program Files\Light Sensor Utility\Sensor.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Windows\system32\svchost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe C:\Windows\System32\svchost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Windows\system32\svchost.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\LimeWire\LimeWire.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\system32\conime.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Users\mariano\Desktop\dss.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\system32\SearchFilterHost.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\mariano.exe C:\Windows\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Megaupload Toolbar - {EEE17712-987E-4424-A00C-9DA0BC4E2078} - C:\Windows\system32\MEGAUP~1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe O4 - HKLM\..\Run: [silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [recinfo420] c:\RecInfo\RecInfo.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\tb_eula\EULALauncher.NET.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20080801 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8936CB3B-FE82-4FA4-B420-4C2B11F092C2}: NameServer = 217.175.160.168 217.175.160.12 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12410 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- S3 TaurusUsb (ADSL Modem USB Service) - c:\windows\system32\drivers\torususb.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module> R2 TestHandler (Fujitsu Siemens Computers Diagnostic Testhandler) - c:\firststeps\onlinediagnostic\testmanager\testhandler.exe <Not Verified; Fujitsu Siemens Computers; ServerView Online Diagnostic> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Scheduled Tasks ------------------------------------------------------------- 2008-08-05 00:07:01 258 --a------ C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job -- Files created between 2008-07-05 and 2008-08-05 ----------------------------- 2008-08-05 00:14:43 0 d-------- C:\Program Files\Trend Micro 2008-08-04 16:53:12 18944 --a------ C:\Windows\system32\MEGAUP~1.dll 2008-08-04 16:42:22 0 d-------- C:\Program Files\Vstplugins 2008-08-04 16:42:09 0 d-------- C:\Program Files\Sony 2008-08-04 16:39:07 0 d-------- C:\Program Files\Sony Setup 2008-08-04 10:55:18 0 --a------ C:\Windows\nsreg.dat 2008-08-04 10:54:50 0 d-------- C:\Program Files\Common Files\xing shared 2008-08-04 10:54:30 0 d-------- C:\Program Files\Real 2008-08-04 10:54:25 0 d-------- C:\Program Files\Common Files\Real 2008-08-04 10:53:03 3431 --a------ C:\Windows\mozver.dat 2008-08-04 10:22:18 0 d-------- C:\Program Files\Java 2008-08-04 10:12:52 0 d-------- C:\Users\All Users\eMule 2008-08-04 10:11:01 0 d-------- C:\Program Files\Common Files\Java 2008-08-04 10:09:46 0 d-------- C:\Program Files\LimeWire 2008-08-04 10:08:37 0 d-------- C:\Program Files\eMule 2008-08-03 12:43:18 0 d-------- C:\Program Files\VideoLAN 2008-08-03 02:18:14 0 d-------- C:\Program Files\Google Video 2008-08-02 23:59:08 0 d-------- C:\Program Files\uTorrent 2008-08-02 23:30:53 0 d-------- C:\Users\All Users\Yahoo! Companion 2008-08-02 23:30:13 0 d-------- C:\Program Files\DivX 2008-08-02 23:30:07 0 d-------- C:\Program Files\Yahoo! 2008-08-02 16:23:36 0 d-a------ C:\Users\All Users\TEMP 2008-08-02 16:07:59 0 d-------- C:\Users\All Users\Winamp Toolbar 2008-08-02 16:07:59 0 d-------- C:\Program Files\Winamp Toolbar 2008-08-02 16:07:42 0 d-------- C:\Users\All Users\OrbNetworks 2008-08-02 16:07:38 0 d-------- C:\Program Files\Winamp Remote 2008-08-02 15:52:54 0 d-------- C:\Program Files\Winamp 2008-08-02 03:11:42 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-08-01 15:42:54 0 d-------- C:\Program Files\Alwil Software 2008-08-01 12:58:47 0 d-------- C:\Windows\system32\Macromed 2008-08-01 12:56:02 0 d-------- C:\Users\All Users\Messenger Plus! 2008-08-01 12:51:03 0 d-------- C:\Program Files\Windows Live 2008-08-01 12:51:02 0 d-------- C:\Program Files\Messenger Plus! Live 2008-08-01 12:45:34 0 d-------- C:\Program Files\Windows Live Toolbar 2008-08-01 12:44:26 0 d-------- C:\Program Files\MSN Messenger 2008-08-01 11:50:00 0 d-------- C:\Program Files\mIRC 2008-07-31 05:58:05 0 d-------- C:\Program Files\SuperCopier2 -- Find3M Report --------------------------------------------------------------- 2008-08-05 00:15:28 0 d-------- C:\Users\mariano\AppData\Roaming\uTorrent 2008-08-04 21:52:24 0 d-------- C:\Users\mariano\AppData\Roaming\LimeWire 2008-08-04 21:42:27 9651 --a------ C:\Windows\KernelMessage 2008-08-04 16:51:19 0 d-------- C:\Users\mariano\AppData\Roaming\Sony 2008-08-04 16:50:35 0 d-------- C:\Users\mariano\AppData\Roaming\Publish Providers 2008-08-04 16:50:35 0 d-------- C:\Users\mariano\AppData\Roaming\NetMedia Providers 2008-08-04 10:55:15 0 d-------- C:\Users\mariano\AppData\Roaming\Mozilla 2008-08-04 10:55:08 0 d-------- C:\Users\mariano\AppData\Roaming\Real 2008-08-04 10:54:50 0 d-------- C:\Program Files\Common Files 2008-08-04 10:53:19 0 d-------- C:\Program Files\Google 2008-08-04 00:39:43 690832 --a------ C:\Windows\system32\perfh00C.dat 2008-08-04 00:39:43 117572 --a------ C:\Windows\system32\perfc00C.dat 2008-08-04 00:34:09 27525 --a------ C:\Users\mariano\AppData\Roaming\nvModes.001 2008-08-03 14:11:38 0 d-------- C:\Users\mariano\AppData\Roaming\vlc 2008-08-03 11:31:36 27525 --a------ C:\Users\mariano\AppData\Roaming\nvModes.dat 2008-08-02 23:30:08 0 d-------- C:\Users\mariano\AppData\Roaming\Yahoo! 2008-08-02 16:16:20 0 d-------- C:\Users\mariano\AppData\Roaming\Winamp 2008-08-02 12:47:23 0 d-------- C:\Users\mariano\AppData\Roaming\mIRC 2008-08-02 03:25:00 174 --ahs---- C:\Program Files\desktop.ini 2008-08-01 15:42:07 0 d-------- C:\Program Files\Symantec 2008-08-01 13:00:18 0 d-------- C:\Users\mariano\AppData\Roaming\Macromedia 2008-08-01 13:00:16 0 d-------- C:\Users\mariano\AppData\Roaming\Adobe 2008-08-01 11:24:04 0 d-------- C:\Users\mariano\AppData\Roaming\Google 2008-07-01 03:55:42 0 d-------- C:\Users\mariano\AppData\Roaming\InterVideo 2008-06-20 23:53:33 0 d-------- C:\Program Files\VirtualDJ 2008-06-20 23:02:04 0 d-------- C:\Program Files\Counter-Strike Source 2008-06-20 22:57:50 0 d-------- C:\Users\mariano\AppData\Roaming\WinRAR 2008-06-20 20:49:13 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-06-20 19:54:00 0 d-------- C:\Program Files\InterVideo 2008-06-20 19:54:00 0 d-------- C:\Program Files\Common Files\InterVideo 2008-06-20 19:50:29 0 d-------- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites 2008-06-20 19:48:00 0 d-------- C:\Users\mariano\AppData\Roaming\Identities 2008-06-20 19:42:51 0 d-------- C:\Program Files\Windows NT 2008-06-20 19:42:51 0 d--hs---- C:\Program Files\Fichiers communs 2008-06-20 03:30:05 0 d-------- C:\Program Files\BeWAN ADSL V1.9.0.10 -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] 17/07/2008 00:51 1266992 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE17712-987E-4424-A00C-9DA0BC4E2078}] 04/08/2008 16:53 18944 --a------ C:\Windows\system32\MEGAUP~1.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [17/07/2008 00:51 1266992] [-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [15/01/2007 13:19] "NvSvc"="C:\Windows\system32\nvsvc.dll" [19/07/2007 03:31] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [19/07/2007 03:31] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [19/07/2007 03:31] "RtHDVCpl"="RtHDVCpl.exe" [10/04/2007 18:01 C:\Windows\RtHDVCpl.exe] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [25/05/2007 14:17] "FIC HotKey"="C:\Program Files\Hotkey Utility\tray.exe" [13/07/2007 17:38] "PowerManager"="C:\Program Files\Power Manager\PM.exe" [16/05/2007 14:42] "Silent Mode"="C:\Program Files\Light Sensor Utility\Sensor.exe" [27/06/2007 12:56] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/05/2007 06:06] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [15/01/2007 14:40] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [02/05/2007 10:08] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [26/02/2007 23:46] "ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [25/10/2006 02:08] "IS CfgWiz"="c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [24/10/2006 12:19] "osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [27/10/2006 04:18] "recinfo420"="c:\RecInfo\RecInfo.exe" [23/10/2007 16:52] "toolbar_eula_launcher"="C:\tb_eula\EULALauncher.NET.exe" [] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [19/07/2008 18:38] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [10/07/2008 01:33] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [14/12/2007 03:42] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04/08/2008 10:54] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [15/01/2007 14:10] "WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" [] "fsc-reg"="C:\ProgramData\fsc-reg\fscreg.exe" [08/11/2007 17:38] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 16:35] "SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [14/03/2005 03:37] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19/01/2007 13:55] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a5e6354-3eed-11dd-957c-003005db8da5}] AutoRun\command- ntde1ect.com explore\Command- ntde1ect.com open\Command- ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a5e635b-3eed-11dd-957c-003005db8da5}] AutoRun\command- H:\ntde1ect.com explore\Command- H:\ntde1ect.com open\Command- H:\ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a5e657c-3eed-11dd-957c-003005db8da5}] AutoRun\command- I:\ntde1ect.com explore\Command- I:\ntde1ect.com open\Command- I:\ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7cf6fd7-561c-11dd-a9f6-003005db8da5}] AutoRun\command- EXPLORER.EXE explore\Command- EXPLORER.EXE open\Command- EXPLORER.EXE *Newly Created Service* - COMHOST [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-08-05 00:16:23 ------------
-
Fichier EULALauncher.exe reçu le 2008.08.04 21:27:26 (CET) Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.8.5.0 2008.08.04 - AntiVir 7.8.1.15 2008.08.04 - Authentium 5.1.0.4 2008.08.04 - Avast 4.8.1195.0 2008.08.04 - AVG 8.0.0.156 2008.08.04 - BitDefender 7.2 2008.08.04 - CAT-QuickHeal 9.50 2008.08.04 - ClamAV 0.93.1 2008.08.04 - DrWeb 4.44.0.09170 2008.08.04 - eSafe 7.0.17.0 2008.08.03 - eTrust-Vet 31.6.6007 2008.08.04 - Ewido 4.0 2008.08.04 - F-Prot 4.4.4.56 2008.08.03 - F-Secure 7.60.13501.0 2008.08.04 - Fortinet 3.14.0.0 2008.08.04 - GData 2.0.7306.1023 2008.08.04 - Ikarus T3.1.1.34.0 2008.08.04 - K7AntiVirus 7.10.403 2008.08.04 - Kaspersky 7.0.0.125 2008.08.04 - McAfee 5353 2008.08.04 - Microsoft 1.3807 2008.08.04 - NOD32v2 3325 2008.08.04 - Norman 5.80.02 2008.08.04 - Panda 9.0.0.4 2008.08.04 - PCTools 4.4.2.0 2008.08.04 - Prevx1 V2 2008.08.04 - Rising 20.56.02.00 2008.08.04 - Sophos 4.31.0 2008.08.04 - Sunbelt 3.1.1537.1 2008.08.01 - Symantec 10 2008.08.04 - TheHacker 6.2.96.393 2008.08.04 - TrendMicro 8.700.0.1004 2008.08.04 - VBA32 3.12.8.2 2008.08.04 - ViRobot 2008.8.4.1322 2008.08.04 - VirusBuster 4.5.11.0 2008.08.04 - Webwasher-Gateway 6.6.2 2008.08.04 - Information additionnelle File size: 32768 bytes MD5...: 06354c329e79e556cdedaf9e7340f50a SHA1..: 0eeded2df72afc6020d994389962c17b53c916c5 SHA256: 45bc7dfe48616607a321bd2a910f81ed24ef2de944a1d4a3b7c604df295a86e0 SHA512: db835729d16bf53f37508da754dd3af9afca0b104f0817be8d64acafbfcf26ee<br>fe974c71a31cc19ceb6a3a37ad3bb36078e3a1c647d44d16f99a75d42685f3f0 PEiD..: - PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x11005f8e<br>timedatestamp.....: 0x466f3fd2 (Wed Jun 13 00:52:34 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x2000 0x3f94 0x4000 5.68 4491ad75d0a110b9e21a0d06c9b2131a<br>.sdata 0x6000 0x89 0x1000 0.34 bcaa57434a39a6f9b17532c30f3ca6d7<br>.rsrc 0x8000 0x880 0x1000 2.09 80db8cd33bf563f9f8fdcb080b2812e1<br>.reloc 0xa000 0xc 0x1000 0.01 ca9b32430672ec73df452f16b79cb91e<br><br>( 1 imports ) <br>> mscoree.dll: _CorExeMain<br><br>( 0 exports ) <br> Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.8.5.0 2008.08.04 - AntiVir 7.8.1.15 2008.08.04 - Authentium 5.1.0.4 2008.08.04 - Avast 4.8.1195.0 2008.08.04 - AVG 8.0.0.156 2008.08.04 - BitDefender 7.2 2008.08.04 - CAT-QuickHeal 9.50 2008.08.04 - ClamAV 0.93.1 2008.08.04 - DrWeb 4.44.0.09170 2008.08.04 - eSafe 7.0.17.0 2008.08.03 - eTrust-Vet 31.6.6007 2008.08.04 - Ewido 4.0 2008.08.04 - F-Prot 4.4.4.56 2008.08.03 - F-Secure 7.60.13501.0 2008.08.04 - Fortinet 3.14.0.0 2008.08.04 - GData 2.0.7306.1023 2008.08.04 - Ikarus T3.1.1.34.0 2008.08.04 - K7AntiVirus 7.10.403 2008.08.04 - Kaspersky 7.0.0.125 2008.08.04 - McAfee 5353 2008.08.04 - Microsoft 1.3807 2008.08.04 - NOD32v2 3325 2008.08.04 - Norman 5.80.02 2008.08.04 - Panda 9.0.0.4 2008.08.04 - PCTools 4.4.2.0 2008.08.04 - Prevx1 V2 2008.08.04 - Rising 20.56.02.00 2008.08.04 - Sophos 4.31.0 2008.08.04 - Sunbelt 3.1.1537.1 2008.08.01 - Symantec 10 2008.08.04 - TheHacker 6.2.96.393 2008.08.04 - TrendMicro 8.700.0.1004 2008.08.04 - VBA32 3.12.8.2 2008.08.04 - ViRobot 2008.8.4.1322 2008.08.04 - VirusBuster 4.5.11.0 2008.08.04 - Webwasher-Gateway 6.6.2 2008.08.04 - Information additionnelle File size: 32768 bytes MD5...: 06354c329e79e556cdedaf9e7340f50a SHA1..: 0eeded2df72afc6020d994389962c17b53c916c5 SHA256: 45bc7dfe48616607a321bd2a910f81ed24ef2de944a1d4a3b7c604df295a86e0 SHA512: db835729d16bf53f37508da754dd3af9afca0b104f0817be8d64acafbfcf26ee<br>fe974c71a31cc19ceb6a3a37ad3bb36078e3a1c647d44d16f99a75d42685f3f0 PEiD..: - PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x11005f8e<br>timedatestamp.....: 0x466f3fd2 (Wed Jun 13 00:52:34 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x2000 0x3f94 0x4000 5.68 4491ad75d0a110b9e21a0d06c9b2131a<br>.sdata 0x6000 0x89 0x1000 0.34 bcaa57434a39a6f9b17532c30f3ca6d7<br>.rsrc 0x8000 0x880 0x1000 2.09 80db8cd33bf563f9f8fdcb080b2812e1<br>.reloc 0xa000 0xc 0x1000 0.01 ca9b32430672ec73df452f16b79cb91e<br><br>( 1 imports ) <br>> mscoree.dll: _CorExeMain<br><br>( 0 exports ) <br> je sais pas si c le bon j'ai pas le truc NET dsl j'ai que sa
-
voila le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:06:40, on 04/08/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hotkey Utility\tray.exe C:\Program Files\Power Manager\PM.exe C:\Program Files\Light Sensor Utility\Sensor.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Apoint2K\Apntex.exe C:\Users\mariano\Desktop\mIRC\mirc.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Users\mariano\Desktop\Copy of djbot\mirc.exe C:\Windows\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\mariano\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Megaupload Toolbar - {EEE17712-987E-4424-A00C-9DA0BC4E2078} - C:\Windows\system32\MEGAUP~1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe O4 - HKLM\..\Run: [silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [recinfo420] c:\RecInfo\RecInfo.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\tb_eula\EULALauncher.NET.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [fsc-reg] C:\ProgramData\fsc-reg\fscreg.exe 20080801 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://www.triforce.fr/plugin/DivXBrowserPlugin.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8936CB3B-FE82-4FA4-B420-4C2B11F092C2}: NameServer = 217.175.160.168 217.175.160.12 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10345 bytes
-
bonjour voila j'ai telecharger un truc et j'ai eu un virus (avast ne le detect pas) le pb c des que j'ouvre un dossier sur mon ordinateur j'ai ce message et sa me ouvre internet explorer et quand j'ai de telecharge le sois disant anti virus sa n'arrive jamais au bout du telechargement .. voila le message : attention, mariano! some dangerous viruses detected in your system. windows vistahome premium files corrupted. this may lead to the destruction of important fils in c:\windows. download protection software now! click OK to download the antispaware.(recommended) peu t on m'aidez svp merci d'avance ...
-
bon voila , BTFix 1.046 (par bibi26) - 27/09/2007 00:59:42 - Analyse ---> Fichiers/Dossiers trouvés - [Heuristique] C:\Documents and Settings\mariano\Application Data\Microsoft\Windows\gstfbue.exe - C:\Program Files\YourSiteBar - C:\Program Files\AskPBar - C:\Documents and Settings\mariano\Application Data\SurfAccuracy ---> Analyse terminée ensuite, Rapport lopxpMH2 version 2.0 fait à 0:31:52,39 le 27/09/2007 C:\Documents and Settings\mariano\Mes documents\enregistrement ****************************************** ## Répertoires Application Data Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\Administrateur\Application Data 09/08/2007 09:14 <REP> . 09/08/2007 09:14 <REP> .. 09/08/2007 09:14 <REP> Microsoft 09/08/2007 09:17 <REP> WinAntiVirus Pro 2007 09/08/2007 09:14 62 desktop.ini 1 fichier(s) 62 octets 4 Rép(s) 11 336 773 632 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\Administrateur\Local Settings\Application Data 09/08/2007 09:14 <REP> . 09/08/2007 09:14 <REP> .. 09/08/2007 09:14 <REP> Microsoft 09/08/2007 09:18 2 656 656 IconCache.db 1 fichier(s) 2 656 656 octets 3 Rép(s) 11 336 769 536 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\All Users\Application Data 08/07/2007 13:57 <REP> . 08/07/2007 13:57 <REP> .. 20/07/2007 17:18 <REP> Base Loud Dart Move 12/07/2007 15:25 <REP> Google 08/07/2007 13:57 <REP> Microsoft 20/07/2007 17:17 <REP> Move Bore Curb Tool 01/08/2007 20:23 <REP> Mozilla 09/08/2007 08:50 <REP> SalesMonitor 21/07/2007 16:34 <REP> Sony 23/07/2007 23:01 <REP> SystemDoctor Free 09/08/2007 08:50 <REP> WinAntiVirus Pro 2007 09/07/2007 21:11 <REP> Windows Genuine Advantage 20/07/2007 16:19 <REP> Windows Live Toolbar 08/07/2007 13:58 62 desktop.ini 1 fichier(s) 62 octets 13 Rép(s) 11 336 769 536 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\Default User\Application Data 08/07/2007 13:57 <REP> . 08/07/2007 13:57 <REP> .. 08/07/2007 13:57 <REP> Microsoft 08/07/2007 13:58 62 desktop.ini 1 fichier(s) 62 octets 3 Rép(s) 11 336 769 536 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data 08/07/2007 13:58 <REP> . 08/07/2007 13:58 <REP> .. 09/07/2007 17:09 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 11 336 769 536 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\LocalService\Application Data 09/07/2007 17:27 <REP> . 09/07/2007 17:27 <REP> .. 09/07/2007 17:27 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 11 336 769 536 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data 09/07/2007 17:27 <REP> . 09/07/2007 17:27 <REP> .. 09/07/2007 17:27 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 11 336 769 536 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\mariano\Application Data 09/07/2007 17:29 <REP> . 09/07/2007 17:29 <REP> .. 12/07/2007 15:25 <REP> Google 07/08/2007 11:23 <REP> Help 09/07/2007 17:29 <REP> Identities 09/07/2007 18:25 <REP> Macromedia 13/08/2007 12:32 <REP> MessengerSkinner 09/07/2007 17:29 <REP> Microsoft 01/08/2007 20:24 <REP> Mozilla 15/09/2007 20:12 <REP> MSNInstaller 20/07/2007 00:04 <REP> NetMedia Providers 20/07/2007 00:04 <REP> Publish Providers 24/07/2007 10:04 <REP> Real 20/07/2007 00:04 <REP> Sonic Foundry 21/07/2007 16:34 <REP> Sony 21/07/2007 16:13 <REP> Sony Setup 13/08/2007 19:44 <REP> Sun 09/08/2007 08:32 <REP> SurfAccuracy 01/08/2007 20:24 <REP> Talkback 10/08/2007 19:37 <REP> VirusGarde 25/07/2007 18:27 <REP> vlc 23/08/2007 19:53 <REP> WinRAR 09/07/2007 17:29 62 desktop.ini 09/08/2007 10:10 124 499 tmp18.tmp.exe 09/08/2007 10:10 79 536 tmp19.tmp.exe 09/08/2007 10:10 79 536 tmp1A.tmp.exe 10/08/2007 10:11 124 649 tmp1D.tmp.exe 10/08/2007 18:16 79 576 tmp1E.tmp.exe 10/08/2007 18:16 79 576 tmp1F.tmp.exe 10/08/2007 19:11 124 649 tmp26.tmp.exe 10/08/2007 19:11 79 576 tmp27.tmp.exe 9 fichier(s) 771 659 octets 22 Rép(s) 11 336 765 440 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\mariano\Local Settings\Application Data 09/07/2007 17:29 <REP> . 09/07/2007 17:29 <REP> .. 12/07/2007 15:25 <REP> Google 07/08/2007 11:23 <REP> Help 11/07/2007 11:55 <REP> Identities 09/07/2007 17:29 <REP> Microsoft 13/08/2007 14:37 <REP> Multi_Media 21/07/2007 16:38 <REP> Sony 09/07/2007 17:49 12 712 GDIPFONTCACHEV1.DAT 28/07/2007 18:36 3 766 726 IconCache.db 2 fichier(s) 3 779 438 octets 8 Rép(s) 11 336 765 440 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\NetworkService\Application Data 09/07/2007 17:27 <REP> . 09/07/2007 17:27 <REP> .. 09/07/2007 17:27 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 11 336 765 440 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data 09/07/2007 17:27 <REP> . 09/07/2007 17:27 <REP> .. 09/07/2007 17:27 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 11 336 765 440 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data 09/07/2007 17:25 <REP> . 09/07/2007 17:25 <REP> .. 09/07/2007 17:25 <REP> Microsoft 09/07/2007 17:25 62 desktop.ini 1 fichier(s) 62 octets 3 Rép(s) 11 336 765 440 octets libres Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data 09/07/2007 17:25 <REP> . 09/07/2007 17:25 <REP> .. 09/07/2007 17:25 <REP> Microsoft 0 fichier(s) 0 octets 3 Rép(s) 11 336 765 440 octets libres ****************************************** Recherche des taches planifiées dans C:\WINDOWS\tasks C:\WINDOWS\Tasks\Vérifier Vérifier inexploitable ****************************************** ## Répertoires de C:\Program Files Le volume dans le lecteur C s'appelle Disque local Le numéro de série du volume est 5836-B93D Répertoire de C:\Program Files 25/09/2007 12:15 <REP> . 25/09/2007 12:15 <REP> .. 10/08/2007 21:18 <REP> Alwil Software 10/08/2007 21:00 <REP> AskPBar 28/07/2007 12:00 <REP> AVSMedia 09/07/2007 17:44 <REP> BeWAN ADSL V1.9.0.10 10/08/2007 20:56 <REP> BitDownload 09/07/2007 17:06 <REP> ComPlus Applications 01/08/2007 20:21 <REP> DivX 25/09/2007 20:14 <REP> eMule 13/08/2007 19:38 <REP> Fichiers communs 09/08/2007 08:29 <REP> freebird 26/07/2007 10:05 <REP> GameSpy Arcade 31/07/2007 10:13 <REP> Google 15/08/2007 15:47 <REP> InetGet2 12/07/2007 08:52 <REP> Intel 10/09/2007 03:01 <REP> Internet Explorer 13/08/2007 19:43 <REP> Java 09/08/2007 08:35 <REP> LimeWire Turbo Accelerator 11/07/2007 03:17 <REP> Messenger 23/09/2007 08:25 <REP> Messenger Plus! Live 28/08/2007 20:12 <REP> MessengerSkinner 09/07/2007 17:09 <REP> microsoft frontpage 21/07/2007 16:35 <REP> Microsoft SQL Server 26/09/2007 20:30 <REP> mIRC 09/07/2007 17:06 <REP> Movie Maker 01/08/2007 23:43 <REP> Mozilla Firefox 23/09/2007 08:26 <REP> MSN 09/07/2007 17:05 <REP> MSN Gaming Zone 25/09/2007 12:15 <REP> MSN Messenger 23/09/2007 15:52 <REP> MSXML 4.0 13/08/2007 14:37 <REP> Multi_Media 09/07/2007 17:07 <REP> NetMeeting 09/07/2007 17:05 <REP> Online Services 09/07/2007 23:22 <REP> OOL 25/08/2007 03:19 <REP> Outlook Express 25/09/2007 03:44 <REP> PDG 4 25/07/2007 18:27 <REP> PhotoFiltre 24/07/2007 10:04 <REP> Real 09/07/2007 17:08 <REP> Services en ligne 20/07/2007 00:02 <REP> Sonic Foundry 20/07/2007 00:01 <REP> Sonic Foundry Setup 21/07/2007 16:33 <REP> Sony 21/07/2007 16:13 <REP> Sony Setup 15/07/2007 11:38 <REP> SuperCopier 15/07/2007 11:38 <REP> SuperCopier2 07/08/2007 19:28 <REP> Synaptics 09/07/2007 17:49 <REP> Trend Micro 12/07/2007 08:45 <REP> VIAudioi 25/07/2007 18:26 <REP> VideoLAN 15/09/2007 15:12 <REP> VirtualDJ 21/07/2007 16:33 <REP> Vstplugins 30/08/2007 13:27 <REP> WIDCOMM 20/07/2007 16:21 <REP> Windows Live Favorites 20/07/2007 16:21 <REP> Windows Live Toolbar 14/09/2007 04:25 <REP> Windows Media Player 09/07/2007 17:05 <REP> Windows NT 15/07/2007 20:19 <REP> WinRAR 09/07/2007 17:09 <REP> xerox 10/08/2007 21:03 <REP> YourSiteBar 0 fichier(s) 0 octets 60 Rép(s) 11 336 761 344 octets libres ****************************************** ## Popups autorisées * Internet Explorer ! REG.EXE VERSION 3.0 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow mysearchnow.com REG_SZ www.mysearchnow.com REG_SZ zonenxt.msn-int.com REG_BINARY zonenxt.msn-ppe.com REG_BINARY zone.msn.com REG_BINARY *.starsdoor.com REG_BINARY * Mozilla Firefox (1 autorisé 2 interdit) ---------- C:\DOCUMENTS AND SETTINGS\MARIANO\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KV4AVSAZ.DEFAULT\HOSTPERM.1 ****************************************** ## Registre * [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main] Search Bar REG_SZ http://www.google.com/ie ****************************************** ## Zones de sécurité * HKCU Domains (4) * P3P History (5) ****************************************** ## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif" *************** Fin du rapport **************** ensuit, VundoFix V6.5.9 Checking Java version... Scan started at 01:09:07 27/09/2007 Listing files found while scanning.... C:\WINDOWS\system32\tmp27.tmp.dll Beginning removal... Performing Repairs to the registry. Done!SmitFraudFix v2.230 Rapport fait à 1:02:29,37, 27/09/2007 Executé à partir de C:\Documents and Settings\mariano\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\service32.exe C:\WINDOWS\snet32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\windows\system32\nexjiz.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\WinRAR\WinRAR.exe C:\WINDOWS\system32\cmd.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mariano »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mariano\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\mariano\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: WAN (PPP/SLIP) Interface DNS Server Search Order: 217.175.160.11 DNS Server Search Order: 217.175.160.12 HKLM\SYSTEM\CCS\Services\Tcpip\..\{F38EB86C-2C0A-4041-A474-C62D5A175F22}: NameServer=217.175.160.11 217.175.160.12 HKLM\SYSTEM\CS1\Services\Tcpip\..\{F38EB86C-2C0A-4041-A474-C62D5A175F22}: NameServer=217.175.160.11 217.175.160.12 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin ensuite, [09/27/2007, 1:07:48] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\mariano\Mes documents\enregistrement\VirtumundoBeGone.exe" ) [09/27/2007, 1:07:52] - Detected System Information: [09/27/2007, 1:07:53] - Windows Version: 5.1.2600, Service Pack 2 [09/27/2007, 1:07:53] - Current Username: mariano (Admin) [09/27/2007, 1:07:53] - Windows is in NORMAL mode. [09/27/2007, 1:07:53] - Searching for Browser Helper Objects: [09/27/2007, 1:07:53] - BHO 1: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [09/27/2007, 1:07:53] - BHO 2: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper) [09/27/2007, 1:07:53] - BHO 3: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) [09/27/2007, 1:07:53] - BHO 4: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) [09/27/2007, 1:07:53] - BHO 5: {b5146c40-189a-4311-bda9-fbae3e023187} (Multi_Media toolbar) [09/27/2007, 1:07:53] - BHO 6: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Windows Live Toolbar Helper) [09/27/2007, 1:07:53] - Finished Searching Browser Helper Objects [09/27/2007, 1:07:53] - Finishing up... [09/27/2007, 1:07:53] - Nothing found! Exiting... ensuite, 27/09/2007 a 1:05:12,15 *** Recherche des fichiers dans C: *** Recherche des fichiers dans C:\WINDOWS\ C:\WINDOWS\sys???????????.exe FOUND *** Recherche des fichiers dans C:\WINDOWS\system32 "C:\Documents and Settings\mariano\Application Data\MessengerSkinner\" FOUND *** Recherche des fichiers dans C:\Program Files "C:\Program Files\Fichiers communs\WinAntivirus Pro 2007\" FOUND "C:\Program Files\BitDownload" FOUND "C:\Program Files\DivX\Google\Firefox\ffinstaller.exe" FOUND "C:\Program Files\InetGet2\" FOUND "C:\Program Files\Multi_Media\" FOUND "C:\Program Files\YourSiteBar\" FOUND "C:\Program Files\MessengerSkinner\" FOUND *** Fin du rapport ! et enfin Logfile of HijackThis v1.99.1 Scan saved at 01:23:59, on 27/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\service32.exe C:\WINDOWS\snet32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\mariano\LOCALS~1\Temp\Rar$EX00.719\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F38EB86C-2C0A-4041-A474-C62D5A175F22}: NameServer = 217.175.160.11 217.175.160.12 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: c_9FRA - c_9FRA.dll (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe @+ merci d'vance
-
voila le rapport Logfile of HijackThis v1.99.1 Scan saved at 13:23:25, on 25/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\service32.exe C:\WINDOWS\snet32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Documents and Settings\mariano\Application Data\Microsoft\Windows\gstfbue.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\mIRC\mirc.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Documents and Settings\mariano\Bureau\djbot\mirc.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\mariano\LOCALS~1\Temp\Rar$EX00.343\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {a6ec7b6a-5bdf-4e82-8ae9-732eb3e030bb} - C:\WINDOWS\system32\c_9FRA.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\tmp27.tmp.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar O4 - HKLM\..\Run: [DNSE] "C:\Program Files\Fichiers communs\SystemDoctor\DNSE.exe" -c O4 - HKLM\..\Run: [DC6V_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrdc.exe" O4 - HKLM\..\Run: [MDRV_Check] "C:\Program Files\Fichiers communs\SystemDoctor\usdrmdr.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu2000373.exe 61A847B5BBF72810329B385575FA01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310 O4 - HKLM\..\Run: [salestart] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007\mav_startupmon.exe" O4 - HKLM\..\Run: [systemOptimizer] rundll32.exe "C:\WINDOWS\vtrqpn.dll",forkonce O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ReJf5vH] C:\Documents and Settings\mariano\Application Data\Microsoft\Windows\gstfbue.exe O4 - HKCU\..\Run: [uwa7pcw] "C:\Program Files\Fichiers communs\WinAntiVirus Pro 2007\uwa7pcw.exe" -c O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [surfAccuracy] C:\Documents and Settings\mariano\Application Data\SurfAccuracy\SAcc.exe O4 - HKCU\..\Run: [supervisor.exe] C:\WINDOWS\supervisor.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/323/webolr/OCX/FlashAX.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F38EB86C-2C0A-4041-A474-C62D5A175F22}: NameServer = 217.175.160.11 217.175.160.12 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: c:\windows\system32\awvvsqn.dll O20 - Winlogon Notify: c_9FRA - c_9FRA.dll (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: Version3 - {856F2F0A-265C-4E5E-B33C-6D04C51492ED} - direct3dx.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe merci de m'aider,
-
bonjour,voila j'ai un virus qui a infecter mon msn ,je n'arriver pas a le supprimer (anti-virus avast) quelqu'un pourrait-il m'aider .... merci,
-
bonjour , voila mon probleme c est quand j'essaie d'ouvrire certaines fenetre de mon panneau de configuration j'ai ce messae d'erreur : Une erreur s'est produite lorsque Windows travaillait sur le fichier C:\WINDOWS\system32\wuaucpl.cpl du panneau de configuration merci,a plus