Aller au contenu

mldp

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    18

  • Inscription

  • Dernière visite

Tout ce qui a été posté par mldp

  1. mldp

    explorer. exe

    mldp a répondu à un(e) sujet de mldp dans Software

    bonsoir, j ai desintalle mon pack code, et reinstalle un nouveau pack (k-lite codec pack full)je ne sais pas si il est valable , mais je n ai plus mon probleme. merci a pear et a falkra pour vos reponce.
  2. mldp

    explorer. exe

    mldp a répondu à un(e) sujet de mldp dans Software

    merci pear pour ta reponce ,mais je n est pas que des ficher avi , j ai aussi des ficher vlc et dvd
  3. mldp

    explorer. exe

    mldp a posté un sujet dans Software

    bonjours a tous, voila mon probleme ,quand je vais dans un de mais ficher ou je sauvegarde des dessin anime , j ai un message qui apparre explorer. exe a rencontre un probleme et doit ferme et quand je clique sur plus de detail j ai appname;explorer.exe appver:6.0.2900.2180 modname:xvid.dll modver:0.0.0.0 offset:0004fd96 error killer merci d avance pour vos reponce
  4. mldp
    oui ,je n ai plus le message defensenetsurfage qui se mais a la place de mon bureau, encore un grand merci a toi angelique pour ce cout de main et le temps que tu a passer pour m aidee , encore merci .
  5. mldp
    boujours, voici rapport avg as et hijac VG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 20:55:22 1/11/2007 + Résultat de l'analyse: C:\System Volume Information\_restore{A8A602C8-2DE2-4009-8D73-BFF839CE0340}\RP173\A0031081.dll -> Adware.Balloon : Ignoré. C:\System Volume Information\_restore{A8A602C8-2DE2-4009-8D73-BFF839CE0340}\RP173\A0031082.dll -> Adware.Balloon : Ignoré. E:\System Volume Information\_restore{A8A602C8-2DE2-4009-8D73-BFF839CE0340}\RP173\A0031083.EXE -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignoré. Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 10:31:55, on 3/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\S3trayp.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe C:\WINDOWS\vVX1000.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\MSI\Live Update 3\LMonitor.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Microsoft LifeCam\MSCamSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {60DF4425-F36F-42D7-AECF-A409EBE4558C} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SimonTools - {CC48EB38-F950-48C0-9F22-D64F829AE3DF} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [s3Trayp] S3trayp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [CyberGhost2006] "f:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe" min O4 - HKCU\..\Run: [uniblue RegistryBooster 2] F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  6. mldp
    encore une question, peux ton mettre ensemble antivir et avg anti-spyware sans qu il n y est un conflit entre les 2, merci d avance pour la reponce.
  7. mldp
    bonjours, voici les 2 rapports , j ai oublie de supprimer vundofix avant de faire le scan escuse AntiVir PersonalEdition Classic Report file date: jeudi 1 novembre 2007 08:09 Scanning for 911601 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: ceran Computer name: CERAN-4U5280N43 Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55 ANTIVIR2.VDF : 7.0.0.140 940544 Bytes 26/10/2007 18:11:07 ANTIVIR3.VDF : 7.0.0.160 106496 Bytes 31/10/2007 18:11:14 AVEWIN32.DLL : 7.6.0.30 3056128 Bytes 30/10/2007 18:11:07 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.3.0.15 360488 Bytes 3/08/2007 08:46:00 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 8/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 7/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Manual Selection Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: F:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: jeudi 1 novembre 2007 08:09 Starting search for hidden objects. The driver could not be initialized. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'hpgs2wnf.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'guard.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 13 processes with 13 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'E:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '29' files ). Starting the file scan: Begin scan in 'C:\' C:\Documents and Settings\All Users\Application Data\yjadaxoh.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [iNFO] The file was moved to '478a7c3d.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT185.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d1c.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT199.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d24.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT1AC.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d2a.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT1B8.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d31.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT1C5.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d35.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT1F7.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d3a.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT203.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d3c.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT20F.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d3f.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT21B.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d41.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT232.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d43.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT253.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d45.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT25F.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d47.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT26C.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d4b.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT279.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d4f.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT285.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d51.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT29C.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d53.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT2A8.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d55.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT2B5.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d57.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT2C1.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d59.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT2D3.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d5b.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT2E1.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d5e.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT2F2.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d61.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT314.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d63.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT323.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d65.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT336.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d67.qua'! C:\Documents and Settings\ceran\Local Settings\Temp\BIT347.tmp [0] Archive type: ZIP --> install-privacy-danger.bat [DETECTION] Contains detection pattern of the batch virus BAT/Fake.Privdanger [iNFO] The file was moved to '477d7d6a.qua'! C:\Program Files\Hijackthis Version Française\backups\backup-20071028-163129-375.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [iNFO] The file was moved to '478c8412.qua'! C:\_OTMoveIt\MovedFiles\Program Files\xwzstpqi\vpxqqstz.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [iNFO] The file was moved to '47a18b52.qua'! Begin scan in 'D:\' <HDD> D:\My Shared Folder\download10960307438032640.dat [0] Archive type: ACE SFX (self extracting) --> Game\Avi\intro.avi [WARNING] Error creating the file --> Game\Avi\logo1.avi [WARNING] No further files can be extracted from this archive. The archive will be closed [WARNING] No further files can be extracted from this archive. The archive will be closed Begin scan in 'E:\' <anime > E:\orkas\I386\WININD\Audio.exe [DETECTION] Is the Trojan horse TR/Spy.Agent.GJ.10 [iNFO] The file was moved to '478da3d7.qua'! Begin scan in 'F:\' <F> F:\pagefile.sys [WARNING] The file could not be opened! F:\eMule\Incoming\Integral Tino Rossi 223 Mp3 Avec Chanson De Noel Exclusiviter De Cityhunter Lyon.ace [0] Archive type: ACE --> tino rossi - Besame Mucho (franais).mp3 [WARNING] Error creating the file --> tino rossi - O Signore cosa che.mp3 [WARNING] No further files can be extracted from this archive. The archive will be closed [WARNING] No further files can be extracted from this archive. The archive will be closed F:\Program Files\Smart PC Solutions\Smart PC Professional\SmartPCBoost.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was moved to '478aa953.qua'! F:\programme\zip\CopyToDVD[1].3.0.66.127_CRK-FFF.zip [0] Archive type: ZIP --> Crack.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] The file was moved to '4799aa29.qua'! End of the scan: jeudi 1 novembre 2007 11:29 Used time: 3:19:45 min The scan has been done completely. 9453 Scanning directories 608017 Files were scanned 30 viruses and/or unwanted programs were found 2 Files were classified as suspicious: 0 files were deleted 0 files were repaired 32 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 607987 Files not concerned 5998 Archives were scanned 7 Warnings 473 Notes Logfile of HijackThis v1.99.1 Scan saved at 11:33:28, on 1/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {60DF4425-F36F-42D7-AECF-A409EBE4558C} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing) O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (file missing) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SimonTools - {CC48EB38-F950-48C0-9F22-D64F829AE3DF} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [s3Trayp] S3trayp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [CyberGhost2006] "f:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe" min O4 - HKCU\..\Run: [uniblue RegistryBooster 2] F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe voila et bonne journee
  8. mldp
    je fais l analyse anti virus , avec antivir en ce moment postere les rapport des que fini
  9. mldp
    voici le rapport otmoveit C:\Program Files\AskTBar\SrchAstt moved successfully. C:\Program Files\AskTBar\bar moved successfully. C:\Program Files\AskTBar moved successfully. C:\Program Files\xwzstpqi moved successfully. File/Folder C:\WINDOWS\ntspkfxt.dll not found. File/Folder C:\WINDOWS\htunistock.dll not found. Created on 10/30/2007 18:53:03
  10. mldp
    bonjours , voila le rapport vundofix VundoFix V6.5.11 Checking Java version... Java version is 1.5.0.11 Scan started at 16:26:40 28/10/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.11 Checking Java version... Java version is 1.5.0.11 Scan started at 16:31:56 28/10/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.11 Checking Java version... Java version is 1.5.0.11 Scan started at 18:40:47 30/10/2007 Listing files found while scanning.... No infected files were found. Beginning removal... VundoFix V6.5.11 Checking Java version... Java version is 1.5.0.11 Scan started at 18:42:58 30/10/2007 Listing files found while scanning.... No infected files were found. desintalle smitfraudix et sdfix , plus rapport
  11. mldp
    merci a toi angelique , j ai retrouver mon bureau et le message de defensenetsurfage a disparu encore un grand merci
  12. mldp
    et voici le report txt desmitfraudfix en mode sans echec SmitFraudFix v2.242 Rapport fait à 17:33:52,20, dim. 28/10/2007 Executé à partir de C:\Documents and Settings\ceran\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{CBED38BD-9A28-4FCE-BE70-92FAB41167EF}: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CBED38BD-9A28-4FCE-BE70-92FAB41167EF}: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{CBED38BD-9A28-4FCE-BE70-92FAB41167EF}: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=172.19.3.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  13. mldp
    escuse jai oublier de mettre le reporttxt SDFix: Version 1.112 Run by ceran on dim. 28/10/2007 at 17:17 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Trojan Files Found: C:\Program Files\VideoAccessCodec\install.ico - Deleted C:\Program Files\VideoAccessCodec\Uninstall.exe - Deleted C:\Program Files\VideoAccessCodec\VideoAccessCodec.ocx - Deleted C:\WINDOWS\dat.txt - Deleted C:\WINDOWS\hostctrl.dll - Deleted C:\WINDOWS\htunistock.dll - Deleted C:\WINDOWS\msmhost.dll - Deleted C:\WINDOWS\nmcuninstall.exe - Deleted C:\WINDOWS\rs.txt - Deleted C:\WINDOWS\search_res.txt - Deleted Folder C:\Program Files\VideoAccessCodec - Removed Removing Temp Files... ADS Check: C:\WINDOWS No streams found. C:\WINDOWS\system32 No streams found. C:\WINDOWS\system32\svchost.exe No streams found. C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe" "C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe" "C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe:*:Enabled:LifeExp.exe" "F:\\Program Files\\Azureus\\Azureus.exe"="F:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "F:\\Program Files\\U.S. Robotics\\iBand\\menu.jpg"="F:\\Program Files\\U.S. Robotics\\iBand\\menu.jpg:*:Enabled:menu" "D:\\Program Files\\Shareaza\\Shareaza.exe"="D:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing" "C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Disabled:Nero ShowTime" "F:\\eMule\\emule.exe"="F:\\eMule\\emule.exe:*:Enabled:eMule" "F:\\eMule\\LinkCreator.exe"="F:\\eMule\\LinkCreator.exe:*:Enabled:LinkCreator" "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player" "F:\\Program Files\\Micro Application\\Internet Anonyme 2\\CGhost.exe"="F:\\Program Files\\Micro Application\\Internet Anonyme 2\\CGhost.exe:*:Enabled:CGhost" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Remaining Files: --------------- File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes: Wed 15 Aug 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak" Sat 10 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Sun 28 Oct 2007 0 A..H. --- "C:\Documents and Settings\ceran\Local Settings\Temp\BIT151.tmp" Sat 20 Oct 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5c703fe0947475848e966b61999878d1\BIT1.tmp" Finished! eport txt
  14. mldp
    voici le report.txt de sdfix en mode sans echec
  15. mldp
    voila angeligue ,fait un scan avec Vundofix ,il ne ma pas donner de raport et ne ma pas demander de redemarrer le pc ,fait un scan avec smitfraudfix voici le raport. SmitFraudFix v2.242 Rapport fait à 16:37:50,35, dim. 28/10/2007 Executé à partir de C:\Documents and Settings\ceran\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\S3trayp.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\WINDOWS\vVX1000.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\MSI\Live Update 3\LMonitor.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Microsoft LifeCam\MSCamSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS C:\WINDOWS\hostctrl.dll PRESENT ! C:\WINDOWS\msmhost.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ceran »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ceran\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ceran\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\VideoAccessCodec\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="file:///C:\\WINDOWS\\privacy_danger\\index.htm" "SubscribedURL"="" "FriendlyName"="Privacy Protection" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Carte Fast Ethernet compatible VIA - Miniport d'ordonnancement de paquets DNS Server Search Order: 172.19.3.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{CBED38BD-9A28-4FCE-BE70-92FAB41167EF}: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CBED38BD-9A28-4FCE-BE70-92FAB41167EF}: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{CBED38BD-9A28-4FCE-BE70-92FAB41167EF}: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=172.19.3.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=172.19.3.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin maintenant je vais faire sdfix
  16. mldp
    bvoila j ai fait un scan avec avg anti spyware estune logfile voici le resultat Logfile of HijackThis v1.99.1 Scan saved at 16:40:55, on 26/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\S3trayp.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\WINDOWS\vVX1000.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\MSI\Live Update 3\LMonitor.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Microsoft LifeCam\MSCamSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\explorer.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {1FE2178B-B7FA-065E-C1F8-006493B42485} - C:\Program Files\xwzstpqi\vpxqqstz.dll O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkfxt.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {60DF4425-F36F-42D7-AECF-A409EBE4558C} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SimonTools - {CC48EB38-F950-48C0-9F22-D64F829AE3DF} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O3 - Toolbar: The htunistock - {C58A4487-4C2E-45E4-9E3A-52B3A23CC396} - C:\WINDOWS\htunistock.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [s3Trayp] S3trayp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [CyberGhost2006] "f:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe" min O4 - HKCU\..\Run: [uniblue RegistryBooster 2] F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: hostctrl - {BCF402B7-8596-4C46-B37E-D2E2756BE620} - C:\WINDOWS\hostctrl.dll O21 - SSODL: hstsys - {032A1CBA-2FAA-4184-9164-5ED4216F7768} - C:\WINDOWS\hstsys.dll (file missing) O21 - SSODL: msmhost - {29739291-FB13-4C1C-A7B0-DF2F5A50951E} - C:\WINDOWS\msmhost.dll O21 - SSODL: msmdev - {895E2E27-E1AE-4385-9344-F75FC88215B0} - C:\WINDOWS\msmdev.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  17. mldp
    merci pour vos reponce aussi rapide, je vais essai cela est je vous tient au courant
  18. mldp
    bonjours a tous, j ai un virus est ne ses pas comment faire pour l eliminer , je mais le logfile, en vous remerciant d avance pour votre reponce . dLogfile of HijackThis v1.99.1 Scan saved at 19:30:17, on 23/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\S3trayp.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\WINDOWS\vVX1000.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\MSI\Live Update 3\LMonitor.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Microsoft LifeCam\MSCamSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE C:\WINDOWS\explorer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {1FE2178B-B7FA-065E-C1F8-006493B42485} - C:\Program Files\xwzstpqi\vpxqqstz.dll O2 - BHO: MSVPS System - {480598DD-AE28-48B7-82F7-6ADDA1AA6B66} - C:\WINDOWS\ntspkfxt.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {60DF4425-F36F-42D7-AECF-A409EBE4558C} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SimonTools - {CC48EB38-F950-48C0-9F22-D64F829AE3DF} - f:\PROGRA~1\MICROA~1\INTERN~1\tbcghost.dll O3 - Toolbar: The htunistock - {C58A4487-4C2E-45E4-9E3A-52B3A23CC396} - C:\WINDOWS\htunistock.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [s3Trayp] S3trayp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart O4 - HKCU\..\Run: [CyberGhost2006] "f:\Program Files\Micro Application\Internet Anonyme 2\CGhost.exe" min O4 - HKCU\..\Run: [uniblue RegistryBooster 2] F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: hostctrl - {BCF402B7-8596-4C46-B37E-D2E2756BE620} - C:\WINDOWS\hostctrl.dll O21 - SSODL: hstsys - {032A1CBA-2FAA-4184-9164-5ED4216F7768} - C:\WINDOWS\hstsys.dll (file missing) O21 - SSODL: msmhost - {9CEA5901-78F1-4C7F-9AE5-7CA19277986B} - C:\WINDOWS\msmhost.dll O21 - SSODL: msmdev - {937FE93D-FF8F-4741-AFCB-E03D35C78596} - C:\WINDOWS\msmdev.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
×
×
  • Créer...