Aller au contenu

footdada07

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    5

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par footdada07

  1. footdada07
    Re, Non je n'ai pas eu d'alerte Bagle.Je te rassure pour mon bureau il est revenu lorsque tu m'as fait installer et executer malwarebytes et c'est à la suite de ceci que je n'avais plus non plus l'écran bleu et le programme antivirusxp2008.Je joint donc le rapport suite à la ré-execution de Tooblar. -----------\\ ToolBar S&D 1.0.9 XP/Vista [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : BRUNO ] [ "C:\Toolbar SD" ] [ Selection : 2 ] [ 14/08/2008 | 21:27:02,17 ] [ PC : CHOUCHOU ] [ MAJ : 13-08-2008 | 14:08 ] -----------\\ SUPPRESSION Supprime! - C:\Program Files\Crawler\Download Echec ! - C:\Program Files\Crawler\Toolbar Supprime! - C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Barre d'outils Crawler Supprime! - C:\Program Files\KaZaA\BGP2P Supprime! - C:\Program Files\KaZaA\Db Supprime! - C:\Program Files\KaZaA\My Shared Folder Supprime! - C:\DOCUME~1\BRUNO\Cookies\bruno@myway[2].txt Supprime! - C:\WINDOWS\smdat32m.sys Supprime! - C:\WINDOWS\Fonts\acrsec.fon Supprime! - C:\Program Files\Crawler Supprime! - C:\Program Files\KaZaA -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.neufportail.fr/" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Update_Check_Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update" --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\fOYJQqru.ini C:\WINDOWS\system32\fOYJQqru.ini2 ==> VUNDO <== C:\WINDOWS\M ==> BAGLE <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\BRUNO\Bureau\Intervideo.DVD.Copy.2.x.keygen.exe C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\- TomTom Navigator 6 - PDA_Phone_Palm - Keygen (TT6_kg_4_C4Pda) - Kit by TT6.rar C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\Nav 6_Fix_keygen-put your map midi file in this folder C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\Nav 6_Fix_keygen-put your map midi file in this folder\readme.txt C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\Nav 6_Fix_keygen-put your map midi file in this folder\TT6_kg_4_C4Pda.exe -----------\\ Fin du rapport a 21:33:01,92
  2. footdada07
    Me revoilà, J'ai installé doncTooblar et voici don le rapport que je te joint, Merci encore de ton aide.Mon pac commence déjà à aller mieux, j'ai de nouveau accés à mon bureau. Voici le rapport généré. -----------\\ ToolBar S&D 1.0.9 XP/Vista [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ] [ USER : BRUNO ] [ "C:\Toolbar SD" ] [ Selection : 1 ] [ 14/08/2008 | 20:49:39,70 ] [ PC : CHOUCHOU ] [ MAJ : 13-08-2008 | 14:08 ] -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\Crawler C:\Program Files\Crawler\Download C:\Program Files\Crawler\Toolbar C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Barre d'outils Crawler C:\Program Files\KaZaA C:\Program Files\KaZaA\BGP2P C:\Program Files\KaZaA\Db C:\Program Files\KaZaA\My Shared Folder C:\DOCUME~1\BRUNO\Cookies\bruno@myway[2].txt C:\WINDOWS\smdat32m.sys C:\WINDOWS\Fonts\acrsec.fon -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.neufportail.fr/" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Search Page"="http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"'>http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Update_Check_Page"="http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update" --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\fOYJQqru.ini C:\WINDOWS\system32\fOYJQqru.ini2 ==> VUNDO <== C:\WINDOWS\M ==> BAGLE <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\BRUNO\Bureau\Intervideo.DVD.Copy.2.x.keygen.exe C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\- TomTom Navigator 6 - PDA_Phone_Palm - Keygen (TT6_kg_4_C4Pda) - Kit by TT6.rar C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\Nav 6_Fix_keygen-put your map midi file in this folder C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\Nav 6_Fix_keygen-put your map midi file in this folder\readme.txt C:\DOCUME~1\BRUNO\Mes documents\Ma musique\Divers\Bruno\Nav 6_Fix_keygen-put your map midi file in this folder\TT6_kg_4_C4Pda.exe -----------\\ Fin du rapport a 20:55:24,01
  3. footdada07
    Rebonjour, Voici le nouveau rapport de hijaskthis.Mon Pc semble refonctionner de nouveau.Un grand merci a toi et si tu passes dans la région de Saint Montan en Ardeche, y'aura pas de souci pour que je ta paie un gros apéro. Merci encore.Quel conseilles me donnerais tu pour nettoyer complet mon PC des fichiers qui ne servent à rien et quel programme dois je laisser pour ne plus être planté. Ci-joint le rapport. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:47:10, on 14/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ahead\NEROTO~1\DRIVES~1.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe C:\Program Files\Extrafilm FotoFacil\Agent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\OFFICE ONE6.0\OFFICE One PDF Manager v6\OoPDFSettingsv6.exe C:\Program Files\OFFICE ONE6.0\OFFICE One Notes v6\OFFICEOneNotesv6.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe C:\WINDOWS\DvzCommon\DvzMsgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Philips ToUcam Camera\GameCam SE\Program\RFTray.exe C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe C:\Program Files\palmOne\HOTSYNC.EXE C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe C:\Program Files\OFFICE One6.0\program\soffice.exe C:\Documents and Settings\BRUNO\program\soffice.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\Documents and Settings\BRUNO\Bureau\HiJackThis(2).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {EAD6FD77-B350-415B-BE02-14E91769CD2A} - C:\WINDOWS\system32\urqQJYOf.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\ahead\NEROTO~1\DRIVES~1.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Extrafilm FotoFacil\Agent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [oov6multiuser.exe] C:\Program Files\OFFICE One6.0\program\oov6multiuser.exe O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE ONE6.0\OFFICE One PDF Manager v6\OoPDFSettingsv6.exe O4 - HKLM\..\Run: [OFFICEOneNotesv6.exe] C:\Program Files\OFFICE ONE6.0\OFFICE One Notes v6\OFFICEOneNotesv6.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe O4 - Startup: OFFICE One 6.0.lnk = C:\Program Files\OFFICE One6.0\program\quickstart.exe O4 - Startup: OpenOffice.org 1.0.lnk = C:\Documents and Settings\BRUNO\program\quickstart.exe O4 - Global Startup: Logiciel de la Souris Labtec 2.0.lnk = C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe O4 - Global Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Reality Fusion GameCam SE.lnk = ? O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader4.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://11731.kit.carpediem.fr/VideosStarsX.exe O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://3suisses.eurographics.fr/Components...geUploader3.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/import/ImageUploader3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.colorclub.fr/Components/Persits...are/XUpload.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{7A68BE8D-93AF-4951-B571-33414CA4CEF2}: NameServer = 84.103.237.140 O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 12971 bytes
  4. footdada07
    bONJOUR J'ai installé comme tu me l'as dis le programme et je t'envoie le rapport.J'espère que ça va marcher.Merci de ton aide. Malwarebytes' Anti-Malware 1.24 Version de la base de données: 1052 Windows 5.1.2600 Service Pack 2 16:53:27 14/08/2008 mbam-log-8-14-2008 (16-53-27).txt Type de recherche: Examen complet (A:\|C:\|D:\|E:\|) Eléments examinés: 144291 Temps écoulé: 2 hour(s), 18 minute(s), 5 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 2 Clé(s) du Registre infectée(s): 11 Valeur(s) du Registre infectée(s): 5 Elément(s) de données du Registre infecté(s): 4 Dossier(s) infecté(s): 12 Fichier(s) infecté(s): 28 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): C:\WINDOWS\system32\khfDtSih.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\winexz32.dll (Trojan.Agent) -> Delete on reboot. Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf65e31e-ce79-48a0-ba8a-56f016fc0c7a} (Trojan.Vundo) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{bf65e31e-ce79-48a0-ba8a-56f016fc0c7a} (Trojan.Vundo) -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winexz32 (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{fffb03ad-a461-4b99-9a23-d3b127d7c995} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{486e48b5-abf2-42bb-a327-2679df3fb822} (Adware.EGDAccess) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{f72bc3f0-6c20-4793-9dda-258589d8a907} (Adware.EGDAccess) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc106j0e5br (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\rhc106j0e5br (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lphc506j0e5br (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\khfdtsih -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\khfdtsih -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\rhc106j0e5br (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\rhc106j0e5br\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\khfDtSih.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\hiStDfhk.ini (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hiStDfhk.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\winexz32.dll (Trojan.Agent) -> Delete on reboot. C:\Documents and Settings\BRUNO\Local Settings\Temporary Internet Files\Content.IE5\TQ8RC5BQ\ico[1] (Trojan.Vundo) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{7624FFE7-80BC-4AC9-B4C3-BFD9AD1BEDC4}\RP1428\A0342985.dll (Trojan.Vundo) -> Delete on reboot. C:\System Volume Information\_restore{7624FFE7-80BC-4AC9-B4C3-BFD9AD1BEDC4}\RP1428\A0344097.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\awtutsqO.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\mlJCUKbb.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\tuvWpQIY.dll (Trojan.Vundo) -> Delete on reboot. C:\WINDOWS\system32\trz115.tmp (Trojan.Vundo) -> Delete on reboot. C:\Program Files\rhc106j0e5br\MFC71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc106j0e5br\msvcp71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc106j0e5br\msvcr71.dll (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc106j0e5br\trz123.tmp (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Program Files\rhc106j0e5br\Uninstall.exe (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Bureau\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Local Settings\Temp\CmdLineExt02.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\BRUNO\Local Settings\Temp\bnb7.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lphc506j0e5br.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\phc506j0e5br.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pphc506j0e5br.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\Downloaded Program Files\EGCOMSERVICE_pack.inf (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\WINDOWS\Downloaded Program Files\netslv32.inf (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\WINDOWS\system32\mseggrpid.dll (Adware.EGDAccess) -> Quarantined and deleted successfully.
  5. footdada07
    Bonjour, çà fait deux jour que par malencontreusement j(ai installé Antivirusxp2008, j'ai installé comme dis dans le forum Hijackthis mais que faire après sachant que j'ai un écran bleu, qu'aucune de mes icones du bureau n'apparaissent.Je suis obligé de passer par le gestionnaire de taches pour lancer un programme. SVP aidez moi merci. Ci joint le rapport issu de de Hijackthis.Encore Merci d'avance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:42:47, on 14/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\taskmgr.exe C:\PROGRA~1\Mozilla Firefox\firefox.exe C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Documents and Settings\BRUNO\Bureau\HiJackThis(2).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {D4C7808B-5627-4DDA-B5A3-42D3C70108D5} - C:\WINDOWS\system32\khfDtSih.dll O2 - BHO: (no name) - {EAD6FD77-B350-415B-BE02-14E91769CD2A} - C:\WINDOWS\system32\urqQJYOf.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Barre d'outils &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\ahead\NEROTO~1\DRIVES~1.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ADS TVR Agent] C:\Program Files\ADS Tech\INSTANT TV PVR\Scheduled.exe O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\Extrafilm FotoFacil\Agent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [lphc506j0e5br] C:\WINDOWS\system32\lphc506j0e5br.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [oov6multiuser.exe] C:\Program Files\OFFICE One6.0\program\oov6multiuser.exe O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE ONE6.0\OFFICE One PDF Manager v6\OoPDFSettingsv6.exe O4 - HKLM\..\Run: [OFFICEOneNotesv6.exe] C:\Program Files\OFFICE ONE6.0\OFFICE One Notes v6\OFFICEOneNotesv6.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE O4 - Startup: Nikon Monitor.lnk = C:\Program Files\Fichiers communs\Nikon\Monitor\NkMonitor.exe O4 - Startup: OFFICE One 6.0.lnk = C:\Program Files\OFFICE One6.0\program\quickstart.exe O4 - Startup: OpenOffice.org 1.0.lnk = C:\Documents and Settings\BRUNO\program\quickstart.exe O4 - Global Startup: Logiciel de la Souris Labtec 2.0.lnk = C:\Program Files\Labtec\Wireless Mouse\MulMouse.exe O4 - Global Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Reality Fusion GameCam SE.lnk = ? O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\ADS Tech\Instant TV Remote\ADSRMT.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} - http://akamai.downloadv3.com/binaries/IA/ia_XP.cab O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploader.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader4.cab O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://express.foto.com/activeX/newUploadFotoCom.CAB O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://11731.kit.carpediem.fr/VideosStarsX.exe O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://3suisses.eurographics.fr/Components...geUploader3.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/import/ImageUploader3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.colorclub.fr/Components/Persits...are/XUpload.ocx O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_FR_XP.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7A68BE8D-93AF-4951-B571-33414CA4CEF2}: NameServer = 84.103.237.140 O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O20 - Winlogon Notify: winexz32 - C:\WINDOWS\SYSTEM32\winexz32.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 11811 bytes
×
×
  • Créer...