frenchy371
-
Compteur de contenus
6 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par frenchy371
-
analyse rapport hyjackthis
frenchy371 a répondu à un(e) sujet de frenchy371 dans Analyses et éradication malwares
ok chef je m'en occupes A+ -
analyse rapport hyjackthis
frenchy371 a répondu à un(e) sujet de frenchy371 dans Analyses et éradication malwares
Merci à angélique de me consacrer un peu de temps as tu une idée ? -
analyse rapport hyjackthis
frenchy371 a répondu à un(e) sujet de frenchy371 dans Analyses et éradication malwares
J'en déduis que AntiVir a détecté qq chose que Avast n'a pas détecté. Mais est ce que antivir aurait bloqué ce virus avant qu'il s'installe? Je vais donc songer à changer d'antivirus En attendant, comment supprimer ce virus ? Merci -
analyse rapport hyjackthis
frenchy371 a répondu à un(e) sujet de frenchy371 dans Analyses et éradication malwares
Merci de votre réponse voici le rapport de http://www.virustotal.com/flash/index_en.html Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.2.18.0 2008.02.18 - AntiVir 7.6.0.67 2008.02.18 TR/Vundo.Gen Authentium 4.93.8 2008.02.17 - Avast 4.7.1098.0 2008.02.18 - AVG 7.5.0.516 2008.02.18 Lop BitDefender 7.2 2008.02.18 - CAT-QuickHeal 9.50 2008.02.16 - ClamAV 0.92.1 2008.02.18 - DrWeb 4.44.0.09170 2008.02.18 - eSafe 7.0.15.0 2008.02.17 - eTrust-Vet 31.3.5546 2008.02.18 - Ewido 4.0 2008.02.18 - FileAdvisor 1 2008.02.18 - Fortinet 3.14.0.0 2008.02.18 - F-Prot 4.4.2.54 2008.02.17 W32/Virtumonde.G.gen!Eldorado F-Secure 6.70.13260.0 2008.02.18 - Ikarus T3.1.1.20 2008.02.18 - Kaspersky 7.0.0.125 2008.02.18 - McAfee 5231 2008.02.15 - Microsoft 1.3204 2008.02.18 Trojan:Win32/Vundo.gen!A NOD32v2 2882 2008.02.18 - Norman 5.80.02 2008.02.15 - Panda 9.0.0.4 2008.02.17 - Prevx1 V2 2008.02.18 Trojan.Vundo Rising 20.32.02.00 2008.02.18 - Sophos 4.26.0 2008.02.18 - Sunbelt 3.0.884.0 2008.02.18 - Symantec 10 2008.02.18 - TheHacker 6.2.9.222 2008.02.16 - VBA32 3.12.6.1 2008.02.17 - VirusBuster 4.3.26:9 2008.02.17 - Webwasher-Gateway 6.6.2 2008.02.18 Trojan.Vundo.Gen Information additionnelle File size: 87616 bytes MD5: 59c3980d39c694eff19663e015a1b943 SHA1: 3cdd298a110ea0ebb83bd5e983aca984053e2e2a PEiD: - Prevx info: http://info.prevx.com/aboutprogramtext.asp...8DB0100F39878A0 et voici celui de http://virusscan.jotti.org/ Scan taken on 18 Feb 2008 13:47:23 (GMT) A-Squared Found nothing AntiVir Found TR/Vundo.Gen ArcaVir Found nothing Avast Found nothing AVG Antivirus Found Lop BitDefender Found nothing ClamAV Found nothing CPsecure Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing F-Secure Anti-Virus Found nothing Fortinet Found nothing Ikarus Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing Panda Antivirus Found nothing Rising Antivirus Found nothing Sophos Antivirus Found nothing VirusBuster Found nothing VBA32 Found nothing -
analyse rapport hyjackthis
frenchy371 a répondu à un(e) sujet de frenchy371 dans Analyses et éradication malwares
Bonjour J'ai lu votre procédure de nettoyage mais je n'ai pas désinstallé avast car j'en suis satisfait Pourriez vous regarder mon rapport svp sans changement d'anti virus ? Merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:57:15, on 18/02/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\EasyPHP\Apache\apache.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\DWRCS.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft SQL Server\MSSQL$LAMSQL\Binn\sqlservr.exe C:\PROGRA~1\EasyPHP\Apache\apache.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\EasyPHP\mysql\bin\mysqld-nt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Timbuktu Pro\tb2launch.exe C:\Program Files\Timbuktu Pro\tb2pro.exe C:\WINDOWS\NetopiaRC\Tb2RCAssist.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Timbuktu Pro\TNOTIFY.EXE C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\apps\ABoard\ABoard.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\rmctrl.exe C:\WINDOWS\System32\taskswitch.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe C:\Program Files\ATI Multimedia\MAIN\ATISched.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\WgaTray.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\msdtc.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\HiJackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [LoginPath] C:\Program Files\Timbuktu Pro\login.exe O4 - HKLM\..\Run: [Tb2initPath] C:\Program Files\Timbuktu Pro\tb2init.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [reg_nuvision_ax] C:\WINDOWS\System32\Regsvr32 /s NUVision.ax O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [8077f38d] rundll32.exe "C:\WINDOWS\System32\wfulpdcu.dll",b O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\MAIN\ATISched.EXE O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\Arnaud\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab O16 - DPF: {6E49B4EF-9FE5-44DF-8D04-445AA94F83DB} (Sony Network Camera Viewer Control) - http://193.251.20.163/program/SonyNetworkCameraViewer.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://wanadoofr.oberon-media.com/online2/...mjolauncher.cab O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file://C:\Documents and Settings\Arnaud\Local Settings\Application Data\Oberon Media\Oberon Games Host\ddfotg.1.0.0.37.cab O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - http://jeuxenligne.orange.fr/orange2.0/Onl...rium/Popcap.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://jeuxenligne.orange.fr/GameShell/onl...aploader_v6.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.photoreflex.com/tools/xupload/XUpload.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{A8CB88EF-AA5B-4A6E-AA9A-06C6D1A110CF}: NameServer = 213.36.80.1 O23 - Service: Apache - Unknown owner - C:\PROGRA~1\EasyPHP\Apache\apache.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development - C:\WINDOWS\system32\DWRCS.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MySql - Unknown owner - C:\Program.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Timbuktu Launch (Tb2Launch) - Netopia, Inc. - C:\Program Files\Timbuktu Pro\tb2launch.exe O23 - Service: Timbuktu Remote Control Assistant (Tb2RCAssist) - Netopia, Inc. - C:\WINDOWS\NetopiaRC\Tb2RCAssist.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) -- End of file - 11757 bytes -
Bonjour J'ai été infecté par un virus qui ouvre des fenêtres lorsque j'essai de me connecter sur une page internet. Ces fenêtres me propose d'installer des anti virus ou des anti spywares en disant que mon pc est infecté. Est ce que quelqu'un peut analyser mon rapport hyjackthis s'il vous plait Merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:38:33, on 18/02/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\EasyPHP\Apache\apache.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\DWRCS.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Microsoft SQL Server\MSSQL$LAMSQL\Binn\sqlservr.exe C:\PROGRA~1\EasyPHP\Apache\apache.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\EasyPHP\mysql\bin\mysqld-nt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Timbuktu Pro\tb2launch.exe C:\Program Files\Timbuktu Pro\tb2pro.exe C:\WINDOWS\NetopiaRC\Tb2RCAssist.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Timbuktu Pro\TNOTIFY.EXE C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\apps\ABoard\ABoard.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\apps\ABoard\AOSD.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\rmctrl.exe C:\WINDOWS\System32\taskswitch.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe C:\Program Files\ATI Multimedia\MAIN\ATISched.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\WgaTray.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Omnis Software Inc\OS31\OS31\omnis.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\WINDOWS\System32\HPZipm12.exe C:\HiJackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [LoginPath] C:\Program Files\Timbuktu Pro\login.exe O4 - HKLM\..\Run: [Tb2initPath] C:\Program Files\Timbuktu Pro\tb2init.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [reg_nuvision_ax] C:\WINDOWS\System32\Regsvr32 /s NUVision.ax O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [8077f38d] rundll32.exe "C:\WINDOWS\System32\wfulpdcu.dll",b O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\MAIN\ATISched.EXE O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file://C:\Documents and Settings\Arnaud\Local Settings\Application Data\Oberon Media\Oberon Games Host\DinerDash2_fr.1.0.0.70.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab O16 - DPF: {6E49B4EF-9FE5-44DF-8D04-445AA94F83DB} (Sony Network Camera Viewer Control) - http://193.251.20.163/program/SonyNetworkCameraViewer.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://wanadoofr.oberon-media.com/online2/...mjolauncher.cab O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - file://C:\Documents and Settings\Arnaud\Local Settings\Application Data\Oberon Media\Oberon Games Host\ddfotg.1.0.0.37.cab O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} - http://jeuxenligne.orange.fr/orange2.0/Onl...rium/Popcap.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://jeuxenligne.orange.fr/GameShell/onl...aploader_v6.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.photoreflex.com/tools/xupload/XUpload.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{A8CB88EF-AA5B-4A6E-AA9A-06C6D1A110CF}: NameServer = 213.36.80.1 O23 - Service: Apache - Unknown owner - C:\PROGRA~1\EasyPHP\Apache\apache.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development - C:\WINDOWS\system32\DWRCS.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: MySql - Unknown owner - C:\Program.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Timbuktu Launch (Tb2Launch) - Netopia, Inc. - C:\Program Files\Timbuktu Pro\tb2launch.exe O23 - Service: Timbuktu Remote Control Assistant (Tb2RCAssist) - Netopia, Inc. - C:\WINDOWS\NetopiaRC\Tb2RCAssist.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing) -- End of file - 11753 bytes